redirection test
This commit is contained in:
parent
0cc9d5aa32
commit
515af3176a
|
@ -95,7 +95,6 @@ describe('OAuth', () => {
|
||||||
|
|
||||||
const location = new URL(decisionResponse.headers.get('location')!);
|
const location = new URL(decisionResponse.headers.get('location')!);
|
||||||
assert.strictEqual(location.origin + location.pathname, redirect_uri);
|
assert.strictEqual(location.origin + location.pathname, redirect_uri);
|
||||||
|
|
||||||
assert.ok(location.searchParams.has('code'));
|
assert.ok(location.searchParams.has('code'));
|
||||||
assert.strictEqual(location.searchParams.get('state'), 'state');
|
assert.strictEqual(location.searchParams.get('state'), 'state');
|
||||||
|
|
||||||
|
@ -366,11 +365,54 @@ describe('OAuth', () => {
|
||||||
// TODO: error code (invalid_token)
|
// TODO: error code (invalid_token)
|
||||||
});
|
});
|
||||||
|
|
||||||
|
describe('Redirection', () => {
|
||||||
|
test('Invalid redirect_uri at authorization endpoint', async () => {
|
||||||
|
const client = getClient();
|
||||||
|
|
||||||
|
const response = await fetch(client.authorizeURL({
|
||||||
|
redirect_uri: 'http://127.0.0.2/',
|
||||||
|
scope: 'write:notes',
|
||||||
|
state: 'state',
|
||||||
|
code_challenge: 'code',
|
||||||
|
code_challenge_method: 'S256',
|
||||||
|
}));
|
||||||
|
// TODO: status code
|
||||||
|
assert.strictEqual(response.status, 500);
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Invalid redirect_uri at token endpoint', async () => {
|
||||||
|
const { code_challenge, code_verifier } = pkceChallenge.default(128);
|
||||||
|
|
||||||
|
const client = getClient();
|
||||||
|
|
||||||
|
const response = await fetch(client.authorizeURL({
|
||||||
|
redirect_uri,
|
||||||
|
scope: 'write:notes',
|
||||||
|
state: 'state',
|
||||||
|
code_challenge,
|
||||||
|
code_challenge_method: 'S256',
|
||||||
|
}));
|
||||||
|
assert.strictEqual(response.status, 200);
|
||||||
|
|
||||||
|
const decisionResponse = await fetchDecisionFromResponse(response, alice);
|
||||||
|
assert.strictEqual(decisionResponse.status, 302);
|
||||||
|
|
||||||
|
const location = new URL(decisionResponse.headers.get('location')!);
|
||||||
|
assert.ok(location.searchParams.has('code'));
|
||||||
|
|
||||||
|
await assert.rejects(client.getToken({
|
||||||
|
code: location.searchParams.get('code')!,
|
||||||
|
redirect_uri: 'http://127.0.0.2/',
|
||||||
|
code_verifier,
|
||||||
|
}));
|
||||||
|
});
|
||||||
|
|
||||||
|
// TODO: disallow random same-origin URLs with strict redirect_uris with client information discovery
|
||||||
|
});
|
||||||
|
|
||||||
// TODO: .well-known/oauth-authorization-server
|
// TODO: .well-known/oauth-authorization-server
|
||||||
|
|
||||||
// TODO: authorizing two users concurrently
|
// TODO: authorizing two users concurrently
|
||||||
|
|
||||||
// TODO: invalid redirect_uri (at authorize / at token)
|
|
||||||
|
|
||||||
// TODO: Error format required by OAuth spec
|
// TODO: Error format required by OAuth spec
|
||||||
});
|
});
|
||||||
|
|
Loading…
Reference in New Issue