TestOAuth2ClientConfiguration tests RFC 7592 client configuration management
(t *testing.T)
| 1442 | |
| 1443 | // TestOAuth2ClientConfiguration tests RFC 7592 client configuration management |
| 1444 | func TestOAuth2ClientConfiguration(t *testing.T) { |
| 1445 | t.Parallel() |
| 1446 | |
| 1447 | client := coderdtest.New(t, nil) |
| 1448 | _ = coderdtest.CreateFirstUser(t, client) |
| 1449 | |
| 1450 | // Helper to register a client |
| 1451 | registerClient := func(t *testing.T) (string, string, string) { |
| 1452 | ctx := testutil.Context(t, testutil.WaitLong) |
| 1453 | // Use shorter client name to avoid database varchar(64) constraint |
| 1454 | clientName := fmt.Sprintf("client-%d", time.Now().UnixNano()) |
| 1455 | req := codersdk.OAuth2ClientRegistrationRequest{ |
| 1456 | RedirectURIs: []string{"https://example.com/callback"}, |
| 1457 | ClientName: clientName, |
| 1458 | ClientURI: "https://example.com", |
| 1459 | } |
| 1460 | |
| 1461 | resp, err := client.PostOAuth2ClientRegistration(ctx, req) |
| 1462 | require.NoError(t, err) |
| 1463 | return resp.ClientID, resp.RegistrationAccessToken, clientName |
| 1464 | } |
| 1465 | |
| 1466 | t.Run("GetConfiguration", func(t *testing.T) { |
| 1467 | t.Parallel() |
| 1468 | |
| 1469 | ctx := testutil.Context(t, testutil.WaitLong) |
| 1470 | clientID, token, clientName := registerClient(t) |
| 1471 | |
| 1472 | // Get client configuration |
| 1473 | config, err := client.GetOAuth2ClientConfiguration(ctx, clientID, token) |
| 1474 | require.NoError(t, err) |
| 1475 | |
| 1476 | // Verify fields |
| 1477 | require.Equal(t, clientID, config.ClientID) |
| 1478 | require.Greater(t, config.ClientIDIssuedAt, int64(0)) |
| 1479 | require.Equal(t, []string{"https://example.com/callback"}, config.RedirectURIs) |
| 1480 | require.Equal(t, clientName, config.ClientName) |
| 1481 | require.Equal(t, "https://example.com", config.ClientURI) |
| 1482 | |
| 1483 | // Should not contain client_secret in GET response |
| 1484 | require.Empty(t, config.RegistrationAccessToken) // Not included in GET |
| 1485 | }) |
| 1486 | |
| 1487 | t.Run("UpdateConfiguration", func(t *testing.T) { |
| 1488 | t.Parallel() |
| 1489 | ctx := testutil.Context(t, testutil.WaitLong) |
| 1490 | |
| 1491 | clientID, token, _ := registerClient(t) |
| 1492 | |
| 1493 | // Update client configuration |
| 1494 | updatedName := fmt.Sprintf("updated-test-client-%d", time.Now().UnixNano()) |
| 1495 | updateReq := codersdk.OAuth2ClientRegistrationRequest{ |
| 1496 | RedirectURIs: []string{"https://newdomain.com/callback", "https://example.com/callback"}, |
| 1497 | ClientName: updatedName, |
| 1498 | ClientURI: "https://newdomain.com", |
| 1499 | LogoURI: "https://newdomain.com/logo.png", |
| 1500 | } |
| 1501 |
nothing calls this directly
no test coverage detected