X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=test%2Fpleroma%2Fweb%2Fo_auth%2Fo_auth_controller_test.exs;h=0fdd5b8e9fb853e6cd2f4a84ef6eb1ad39030292;hb=b0130bfa7b420550aa7acba6a88c71aa22c51246;hp=4e197a4854d8b71b148d538c8c5cfe3fd16f5d93;hpb=d72f9e39d9f76ee8bbd26c068b2870ea945705b7;p=akkoma diff --git a/test/pleroma/web/o_auth/o_auth_controller_test.exs b/test/pleroma/web/o_auth/o_auth_controller_test.exs index 4e197a485..0fdd5b8e9 100644 --- a/test/pleroma/web/o_auth/o_auth_controller_test.exs +++ b/test/pleroma/web/o_auth/o_auth_controller_test.exs @@ -7,6 +7,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do import Pleroma.Factory + alias Pleroma.Helpers.AuthHelper alias Pleroma.MFA alias Pleroma.MFA.TOTP alias Pleroma.Repo @@ -455,7 +456,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do conn = conn - |> put_req_header("authorization", "Bearer #{token.token}") + |> AuthHelper.put_session_token(token.token) |> get( "/oauth/authorize", %{ @@ -479,7 +480,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do conn = conn - |> put_req_header("authorization", "Bearer #{token.token}") + |> AuthHelper.put_session_token(token.token) |> get( "/oauth/authorize", %{ @@ -502,7 +503,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do conn = conn - |> put_req_header("authorization", "Bearer #{token.token}") + |> AuthHelper.put_session_token(token.token) |> get( "/oauth/authorize", %{ @@ -528,7 +529,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do conn = conn - |> put_req_header("authorization", "Bearer #{token.token}") + |> AuthHelper.put_session_token(token.token) |> get( "/oauth/authorize", %{ @@ -552,7 +553,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do conn = conn - |> put_req_header("authorization", "Bearer #{token.token}") + |> AuthHelper.put_session_token(token.token) |> get( "/oauth/authorize", %{ @@ -610,6 +611,41 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do end end + test "authorize from cookie" do + user = insert(:user) + app = insert(:oauth_app) + oauth_token = insert(:oauth_token, user: user, app: app) + redirect_uri = OAuthController.default_redirect_uri(app) + + conn = + build_conn() + |> Plug.Session.call(Plug.Session.init(@session_opts)) + |> fetch_session() + |> AuthHelper.put_session_token(oauth_token.token) + |> post( + "/oauth/authorize", + %{ + "authorization" => %{ + "name" => user.nickname, + "client_id" => app.client_id, + "redirect_uri" => redirect_uri, + "scope" => app.scopes, + "state" => "statepassed" + } + } + ) + + target = redirected_to(conn) + assert target =~ redirect_uri + + query = URI.parse(target).query |> URI.query_decoder() |> Map.new() + + assert %{"state" => "statepassed", "code" => code} = query + auth = Repo.get_by(Authorization, token: code) + assert auth + assert auth.scopes == app.scopes + end + test "redirect to on two-factor auth page" do otp_secret = TOTP.generate_secret() @@ -1182,7 +1218,6 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do response = build_conn() - |> put_req_header("authorization", "Bearer #{access_token.token}") |> post("/oauth/token", %{ "grant_type" => "refresh_token", "refresh_token" => access_token.refresh_token, @@ -1232,11 +1267,12 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do build_conn() |> Plug.Session.call(Plug.Session.init(@session_opts)) |> fetch_session() - |> put_req_header("authorization", "Bearer #{oauth_token.token}") + |> AuthHelper.put_session_token(oauth_token.token) |> post("/oauth/revoke", %{"token" => oauth_token.token}) assert json_response(conn, 200) + refute AuthHelper.get_session_token(conn) assert Token.get_by_token(oauth_token.token) == {:error, :not_found} end @@ -1250,11 +1286,12 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do build_conn() |> Plug.Session.call(Plug.Session.init(@session_opts)) |> fetch_session() - |> put_req_header("authorization", "Bearer #{oauth_token.token}") + |> AuthHelper.put_session_token(oauth_token.token) |> post("/oauth/revoke", %{"token" => other_app_oauth_token.token}) assert json_response(conn, 200) + assert AuthHelper.get_session_token(conn) == oauth_token.token assert Token.get_by_token(other_app_oauth_token.token) == {:error, :not_found} end