[#468] Merged `upstream/develop`, resolved conflicts.
[akkoma] / test / web / oauth / authorization_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
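defmodule Pleroma.Web.OAuth.AuthorizationTest do
  # Exercises the lifecycle of an OAuth authorization: it is issued for an
  # app/user pair, can be redeemed exactly once, is rejected once expired, and
  # is removed when the user's authorizations are deleted.
  use Pleroma.DataCase
  alias Pleroma.Web.OAuth.Authorization
  alias Pleroma.Web.OAuth.App
  import Pleroma.Factory

  # Every test needs a registered app and a user; build them once per test.
  setup do
    {:ok, app} =
      Repo.insert(
        App.register_changeset(%App{}, %{
          client_name: "client",
          scopes: ["scope"],
          redirect_uris: "url"
        })
      )

    user = insert(:user)

    {:ok, app: app, user: user}
  end

  test "create an authorization token for a valid app", %{app: app, user: user} do
    {:ok, auth} = Authorization.create_authorization(app, user)

    assert auth.user_id == user.id
    assert auth.app_id == app.id
    # Length is only a sanity check that a token was generated; it says nothing
    # about how the token is produced.
    assert String.length(auth.token) > 10
    assert auth.used == false
  end

  test "use up a token", %{app: app, user: user} do
    {:ok, auth} = Authorization.create_authorization(app, user)

    {:ok, auth} = Authorization.use_token(auth)

    assert auth.used == true

    # Single use: redeeming the same authorization a second time must fail.
    assert {:error, "already used"} == Authorization.use_token(auth)

    # An unused authorization whose validity ended 10 seconds ago.
    expired_auth = %Authorization{
      user_id: user.id,
      app_id: app.id,
      valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), -10),
      token: "mytoken",
      used: false
    }

    {:ok, expired_auth} = Repo.insert(expired_auth)

    assert {:error, "token expired"} == Authorization.use_token(expired_auth)
  end

  test "delete authorizations", %{app: app, user: user} do
    {:ok, auth} = Authorization.create_authorization(app, user)
    {:ok, auth} = Authorization.use_token(auth)

    Authorization.delete_user_authorizations(user)

    # Check the stored row directly. The use_token/1 assertion below cannot
    # detect a failed deletion on its own: this authorization has already been
    # used, so use_token/1 rejects it whether or not the row still exists.
    refute Repo.get_by(Authorization, token: auth.token)

    {_, invalid} = Authorization.use_token(auth)

    assert auth != invalid
  end
end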