git.squeep.com Git - akkoma/blob - test/web/oauth/authorization_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.OAuth.AuthorizationTest do
   6   use Pleroma.DataCase
   7   alias Pleroma.Web.OAuth.{Authorization, App}
   8   import Pleroma.Factory
   9
  10   test "create an authorization token for a valid app" do
  11     {:ok, app} =
  12       Repo.insert(
  13         App.register_changeset(%App{}, %{
  14           client_name: "client",
  15           scopes: "scope",
  16           redirect_uris: "url"
  17         })
  18       )
  19
  20     user = insert(:user)
  21
  22     {:ok, auth} = Authorization.create_authorization(app, user)
  23
  24     assert auth.user_id == user.id
  25     assert auth.app_id == app.id
  26     assert String.length(auth.token) > 10
  27     assert auth.used == false
  28   end
  29
  30   test "use up a token" do
  31     {:ok, app} =
  32       Repo.insert(
  33         App.register_changeset(%App{}, %{
  34           client_name: "client",
  35           scopes: "scope",
  36           redirect_uris: "url"
  37         })
  38       )
  39
  40     user = insert(:user)
  41
  42     {:ok, auth} = Authorization.create_authorization(app, user)
  43
  44     {:ok, auth} = Authorization.use_token(auth)
  45
  46     assert auth.used == true
  47
  48     assert {:error, "already used"} == Authorization.use_token(auth)
  49
  50     expired_auth = %Authorization{
  51       user_id: user.id,
  52       app_id: app.id,
  53       valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), -10),
  54       token: "mytoken",
  55       used: false
  56     }
  57
  58     {:ok, expired_auth} = Repo.insert(expired_auth)
  59
  60     assert {:error, "token expired"} == Authorization.use_token(expired_auth)
  61   end
  62
  63   test "delete authorizations" do
  64     {:ok, app} =
  65       Repo.insert(
  66         App.register_changeset(%App{}, %{
  67           client_name: "client",
  68           scopes: "scope",
  69           redirect_uris: "url"
  70         })
  71       )
  72
  73     user = insert(:user)
  74
  75     {:ok, auth} = Authorization.create_authorization(app, user)
  76     {:ok, auth} = Authorization.use_token(auth)
  77
  78     Authorization.delete_user_authorizations(user)
  79
  80     {_, invalid} = Authorization.use_token(auth)
  81
  82     assert auth != invalid
  83   end
  84 end