MCPcopy Index your code
hub / github.com/coder/coder / TestOAuth2SpecificErrorScenarios

Function TestOAuth2SpecificErrorScenarios

coderd/oauth2_error_compliance_test.go:356–431  ·  view source on GitHub ↗

TestOAuth2SpecificErrorScenarios tests specific error scenarios from RFC specifications

(t *testing.T)

Source from the content-addressed store, hash-verified

354
355// TestOAuth2SpecificErrorScenarios tests specific error scenarios from RFC specifications
356func TestOAuth2SpecificErrorScenarios(t *testing.T) {
357 t.Parallel()
358
359 // Single instance shared across all sub-tests that need a
360 // coderd server. Sub-tests that don't need one just ignore it.
361 client := coderdtest.New(t, nil)
362 _ = coderdtest.CreateFirstUser(t, client)
363
364 t.Run("MissingRequiredFields", func(t *testing.T) {
365 t.Parallel()
366
367 ctx := testutil.Context(t, testutil.WaitLong)
368
369 // Test completely empty request
370 req := codersdk.OAuth2ClientRegistrationRequest{}
371 _, err := client.PostOAuth2ClientRegistration(ctx, req)
372 require.Error(t, err)
373
374 var httpErr *codersdk.Error
375 require.ErrorAs(t, err, &httpErr)
376 require.Equal(t, http.StatusBadRequest, httpErr.StatusCode())
377 // Error properly returned with bad request status
378 })
379
380 t.Run("InvalidJSONStructure", func(t *testing.T) {
381 t.Parallel()
382
383 // For invalid JSON structure, we'd need to make raw HTTP requests
384 // This is tested implicitly through the other tests since we're using
385 // typed requests that ensure proper JSON structure
386 })
387
388 t.Run("UnsupportedFields", func(t *testing.T) {
389 t.Parallel()
390
391 ctx := testutil.Context(t, testutil.WaitLong)
392
393 // Test with fields that might not be supported yet
394 req := codersdk.OAuth2ClientRegistrationRequest{
395 RedirectURIs: []string{"https://example.com/callback"},
396 ClientName: fmt.Sprintf("test-client-%d", time.Now().UnixNano()),
397 TokenEndpointAuthMethod: "private_key_jwt", // Not supported yet
398 }
399
400 _, err := client.PostOAuth2ClientRegistration(ctx, req)
401 require.Error(t, err)
402
403 var httpErr *codersdk.Error
404 require.ErrorAs(t, err, &httpErr)
405 require.Equal(t, http.StatusBadRequest, httpErr.StatusCode())
406 // Error properly returned with bad request status
407 })
408
409 t.Run("SecurityBoundaryErrors", func(t *testing.T) {
410 t.Parallel()
411
412 ctx := testutil.Context(t, testutil.WaitLong)
413

Callers

nothing calls this directly

Calls 9

StatusCodeMethod · 0.95
NewFunction · 0.92
CreateFirstUserFunction · 0.92
ContextFunction · 0.92
RunMethod · 0.65
ErrorMethod · 0.45
EqualMethod · 0.45

Tested by

no test coverage detected