(t *testing.T)
| 531 | } |
| 532 | |
| 533 | func TestOAuth2ProviderTokenRefresh(t *testing.T) { |
| 534 | t.Parallel() |
| 535 | ctx := testutil.Context(t, testutil.WaitLong) |
| 536 | |
| 537 | db, pubsub := dbtestutil.NewDB(t) |
| 538 | ownerClient := coderdtest.New(t, &coderdtest.Options{ |
| 539 | Database: db, |
| 540 | Pubsub: pubsub, |
| 541 | }) |
| 542 | owner := coderdtest.CreateFirstUser(t, ownerClient) |
| 543 | apps := generateApps(ctx, t, ownerClient, "token-refresh") |
| 544 | |
| 545 | //nolint:gocritic // OAauth2 app management requires owner permission. |
| 546 | secret, err := ownerClient.PostOAuth2ProviderAppSecret(ctx, apps.Default.ID) |
| 547 | require.NoError(t, err) |
| 548 | |
| 549 | // One path not tested here is when the token is empty, because Go's OAuth2 |
| 550 | // client library will not even try to make the request. |
| 551 | tests := []struct { |
| 552 | name string |
| 553 | app codersdk.OAuth2ProviderApp |
| 554 | // If null, assume the token should be valid. |
| 555 | defaultToken *string |
| 556 | error string |
| 557 | expires time.Time |
| 558 | }{ |
| 559 | { |
| 560 | name: "NoTokenScheme", |
| 561 | app: apps.Default, |
| 562 | defaultToken: ptr.Ref("1234_4321"), |
| 563 | error: "The refresh token is invalid or expired", |
| 564 | }, |
| 565 | { |
| 566 | name: "InvalidTokenScheme", |
| 567 | app: apps.Default, |
| 568 | defaultToken: ptr.Ref("notcoder_1234_4321"), |
| 569 | error: "The refresh token is invalid or expired", |
| 570 | }, |
| 571 | { |
| 572 | name: "MissingTokenSecret", |
| 573 | app: apps.Default, |
| 574 | defaultToken: ptr.Ref("coder_1234"), |
| 575 | error: "The refresh token is invalid or expired", |
| 576 | }, |
| 577 | { |
| 578 | name: "MissingTokenPrefix", |
| 579 | app: apps.Default, |
| 580 | defaultToken: ptr.Ref("coder__1234"), |
| 581 | error: "The refresh token is invalid or expired", |
| 582 | }, |
| 583 | { |
| 584 | name: "InvalidTokenPrefix", |
| 585 | app: apps.Default, |
| 586 | defaultToken: ptr.Ref("coder_1234_4321"), |
| 587 | error: "The refresh token is invalid or expired", |
| 588 | }, |
| 589 | { |
| 590 | name: "Expired", |
nothing calls this directly
no test coverage detected