ForceRefresh forces the client to refresh its oauth token. It does this by expiring the oauth token, then doing an authenticated call. This will force the API Key middleware to refresh the oauth token. A unit test assertion makes sure the refresh token is used.
(t *testing.T, db database.Store, user *codersdk.Client, idToken jwt.MapClaims)
| 101 | // |
| 102 | // A unit test assertion makes sure the refresh token is used. |
| 103 | func (h *LoginHelper) ForceRefresh(t *testing.T, db database.Store, user *codersdk.Client, idToken jwt.MapClaims) { |
| 104 | t.Helper() |
| 105 | |
| 106 | link := h.ExpireOauthToken(t, db, user) |
| 107 | // Updates the claims that the IDP will return. By default, it always |
| 108 | // uses the original claims for the original oauth token. |
| 109 | h.fake.UpdateRefreshClaims(link.OAuthRefreshToken, idToken) |
| 110 | |
| 111 | t.Cleanup(func() { |
| 112 | require.True(t, h.fake.RefreshUsed(link.OAuthRefreshToken), "refresh token must be used, but has not. Did you forget to call the returned function from this call?") |
| 113 | }) |
| 114 | |
| 115 | // Do any authenticated call to force the refresh |
| 116 | _, err := user.User(testutil.Context(t, testutil.WaitShort), "me") |
| 117 | require.NoError(t, err, "user must be able to be fetched") |
| 118 | } |
| 119 | |
| 120 | // OAuth2GetCode emulates a user clicking "allow" on the IDP page. When doing |
| 121 | // unit tests, it's easier to skip this step sometimes. It does make an actual |