
Function TestOAuth2RegistrationAccessToken

coderd/oauth2_test.go:1568–1649  ·  view source on GitHub ↗

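TestOAuth2RegistrationAccessToken tests the registration access token middleware. In the subtests shown here, a dynamically registered client can read its own configuration with the token issued at registration, while a client created through the normal provider-app API is rejected on the RFC 7592 endpoints with `invalid_token`.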

(t *testing.T)


1566
1567// TestOAuth2RegistrationAccessToken tests the registration access token middleware
1568func TestOAuth2RegistrationAccessToken(t *testing.T) {
1569 t.Parallel()
1570
1571 client := coderdtest.New(t, nil)
1572 _ = coderdtest.CreateFirstUser(t, client)
1573
1574 t.Run("ValidToken", func(t *testing.T) {
1575 t.Parallel()
1576 ctx := testutil.Context(t, testutil.WaitLong)
1577
1578 // Register a client
1579 req := codersdk.OAuth2ClientRegistrationRequest{
1580 RedirectURIs: []string{"https://example.com/callback"},
1581 ClientName: fmt.Sprintf("token-test-client-%d", time.Now().UnixNano()),
1582 }
1583
1584 resp, err := client.PostOAuth2ClientRegistration(ctx, req)
1585 require.NoError(t, err)
1586
1587 // Valid token should work
1588 config, err := client.GetOAuth2ClientConfiguration(ctx, resp.ClientID, resp.RegistrationAccessToken)
1589 require.NoError(t, err)
1590 require.Equal(t, resp.ClientID, config.ClientID)
1591 })
1592
1593 t.Run("ManuallyCreatedClient", func(t *testing.T) {
1594 t.Parallel()
1595 ctx := testutil.Context(t, testutil.WaitLong)
1596
1597 // Create a client through the normal API (not dynamic registration)
1598 appReq := codersdk.PostOAuth2ProviderAppRequest{
1599 Name: fmt.Sprintf("manual-%d", time.Now().UnixNano()%1000000),
1600 CallbackURL: "https://manual.com/callback",
1601 }
1602
1603 app, err := client.PostOAuth2ProviderApp(ctx, appReq)
1604 require.NoError(t, err)
1605
1606 // Should not be able to manage via RFC 7592 endpoints
1607 _, err = client.GetOAuth2ClientConfiguration(ctx, app.ID.String(), "any-token")
1608 require.Error(t, err)
1609 require.Contains(t, err.Error(), "invalid_token") // Client was not dynamically registered
1610 })
1611
1612 t.Run("TokenPasswordComparison", func(t *testing.T) {
1613 t.Parallel()
1614 ctx := testutil.Context(t, testutil.WaitLong)
1615
1616 // Register two clients to ensure tokens are unique
1617 timestamp := time.Now().UnixNano()
1618 req1 := codersdk.OAuth2ClientRegistrationRequest{
1619 RedirectURIs: []string{"https://client1.com/callback"},
1620 ClientName: fmt.Sprintf("client-1-%d", timestamp),
1621 }
1622 req2 := codersdk.OAuth2ClientRegistrationRequest{
1623 RedirectURIs: []string{"https://client2.com/callback"},
1624 ClientName: fmt.Sprintf("client-2-%d", timestamp+1),
1625 }

Callers

nothing calls this directly

Calls 11

New · Function · 0.92
CreateFirstUser · Function · 0.92
Context · Function · 0.92
PostOAuth2ProviderApp · Method · 0.80
Run · Method · 0.65
Equal · Method · 0.45
String · Method · 0.45
Error · Method · 0.45
Contains · Method · 0.45

Tested by

no test coverage detected