git.squeep.com Git - akkoma/blob - test/plugs/oauth_plug_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Plugs.OAuthPlugTest do
   6   use Pleroma.Web.ConnCase, async: true
   7
   8   alias Pleroma.Plugs.OAuthPlug
   9   import Pleroma.Factory
  10
  11   @session_opts [
  12     store: :cookie,
  13     key: "_test",
  14     signing_salt: "cooldude"
  15   ]
  16
  17   setup %{conn: conn} do
  18     user = insert(:user)
  19     {:ok, %{token: token}} = Pleroma.Web.OAuth.Token.create_token(insert(:oauth_app), user)
  20     %{user: user, token: token, conn: conn}
  21   end
  22
  23   test "with valid token(uppercase), it assigns the user", %{conn: conn} = opts do
  24     conn =
  25       conn
  26       |> put_req_header("authorization", "BEARER #{opts[:token]}")
  27       |> OAuthPlug.call(%{})
  28
  29     assert conn.assigns[:user] == opts[:user]
  30   end
  31
  32   test "with valid token(downcase), it assigns the user", %{conn: conn} = opts do
  33     conn =
  34       conn
  35       |> put_req_header("authorization", "bearer #{opts[:token]}")
  36       |> OAuthPlug.call(%{})
  37
  38     assert conn.assigns[:user] == opts[:user]
  39   end
  40
  41   test "with invalid token, it not assigns the user", %{conn: conn} do
  42     conn =
  43       conn
  44       |> put_req_header("authorization", "bearer TTTTT")
  45       |> OAuthPlug.call(%{})
  46
  47     refute conn.assigns[:user]
  48   end
  49
  50   test "when token is missed but token in session, it assigns the user", %{conn: conn} = opts do
  51     conn =
  52       conn
  53       |> Plug.Session.call(Plug.Session.init(@session_opts))
  54       |> fetch_session()
  55       |> put_session(:oauth_token, opts[:token])
  56       |> OAuthPlug.call(%{})
  57
  58     assert conn.assigns[:user] == opts[:user]
  59   end
  60 end