utils/tests/pub/oauth2_test.dart - sdk.git - Git at Google

 // Copyright (c) 2012, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.

 library oauth2_test;

 import 'dart:io';
 import 'dart:json' as json;
 import 'dart:uri';

 import 'test_pub.dart';
 import '../../../pkg/http/lib/http.dart' as http;
 import '../../../pkg/unittest/lib/unittest.dart';
 import '../../pub/io.dart';
 import '../../pub/utils.dart';

 main() {
   setUp(() => normalPackage.scheduleCreate());

   integration('with no credentials.json, authenticates and saves '
       'credentials.json', () {
     var server = new ScheduledServer();
     var pub = startPubLish(server);
     confirmPublish(pub);
     authorizePub(pub, server);

     server.handle('GET', '/packages/versions/new.json', (request, response) {
       expect(request.headers.value('authorization'),
           equals('Bearer access token'));

       response.outputStream.close();
     });

     // After we give pub an invalid response, it should crash. We wait for it to
     // do so rather than killing it so it'll write out the credentials file.
     pub.shouldExit(1);

     credentialsFile(server, 'access token').scheduleValidate();
   });

   integration('with a pre-existing credentials.json does not authenticate', () {
     var server = new ScheduledServer();
     credentialsFile(server, 'access token').scheduleCreate();
     var pub = startPubLish(server);
     confirmPublish(pub);

     server.handle('GET', '/packages/versions/new.json', (request, response) {
       expect(request.headers.value('authorization'),
           equals('Bearer access token'));

       response.outputStream.close();
     });

     pub.kill();
   });

   integration('with an expired credentials.json, refreshes and saves the '
       'refreshed access token to credentials.json', () {
     var server = new ScheduledServer();
     credentialsFile(server, 'access token',
         refreshToken: 'refresh token',
         expiration: new DateTime.now().subtract(new Duration(hours: 1)))
         .scheduleCreate();

     var pub = startPubLish(server);
     confirmPublish(pub);

     server.handle('POST', '/token', (request, response) {
       return wrapInputStream(request.inputStream).toBytes().then((bytes) {
         var body = new String.fromCharCodes(bytes);
         expect(body, matches(
             new RegExp(r'(^|&)refresh_token=refresh\+token(&|$)')));

         response.headers.contentType = new ContentType("application", "json");
         response.outputStream.writeString(json.stringify({
           "access_token": "new access token",
           "token_type": "bearer"
         }));
         response.outputStream.close();
       });
     });

     server.handle('GET', '/packages/versions/new.json', (request, response) {
       expect(request.headers.value('authorization'),
           equals('Bearer new access token'));

       response.outputStream.close();
     });

     pub.shouldExit();

     credentialsFile(server, 'new access token', refreshToken: 'refresh token')
         .scheduleValidate();
   });

   integration('with an expired credentials.json without a refresh token, '
        'authenticates again and saves credentials.json', () {
     var server = new ScheduledServer();
     credentialsFile(server, 'access token',
         expiration: new DateTime.now().subtract(new Duration(hours: 1)))
         .scheduleCreate();

     var pub = startPubLish(server);
     confirmPublish(pub);

     expectLater(pub.nextErrLine(), equals("Pub's authorization to upload "
           "packages has expired and can't be automatically refreshed."));
     authorizePub(pub, server, "new access token");

     server.handle('GET', '/packages/versions/new.json', (request, response) {
       expect(request.headers.value('authorization'),
           equals('Bearer new access token'));

       response.outputStream.close();
     });

     // After we give pub an invalid response, it should crash. We wait for it to
     // do so rather than killing it so it'll write out the credentials file.
     pub.shouldExit(1);

     credentialsFile(server, 'new access token').scheduleValidate();
   });

   integration('with a malformed credentials.json, authenticates again and '
       'saves credentials.json', () {
     var server = new ScheduledServer();
     dir(cachePath, [
       file('credentials.json', '{bad json')
     ]).scheduleCreate();

     var pub = startPubLish(server);
     confirmPublish(pub);
     authorizePub(pub, server, "new access token");

     server.handle('GET', '/packages/versions/new.json', (request, response) {
       expect(request.headers.value('authorization'),
           equals('Bearer new access token'));

       response.outputStream.close();
     });


     // After we give pub an invalid response, it should crash. We wait for it to
     // do so rather than killing it so it'll write out the credentials file.
     pub.shouldExit(1);

     credentialsFile(server, 'new access token').scheduleValidate();
   });

   integration('with server-rejected credentials, authenticates again and saves '
       'credentials.json', () {
     var server = new ScheduledServer();
     credentialsFile(server, 'access token').scheduleCreate();
     var pub = startPubLish(server);

     confirmPublish(pub);

     server.handle('GET', '/packages/versions/new.json', (request, response) {
       response.statusCode = 401;
       response.headers.set('www-authenticate', 'Bearer error="invalid_token",'
           ' error_description="your token sucks"');
       response.outputStream.writeString(json.stringify({
         'error': {'message': 'your token sucks'}
       }));
       response.outputStream.close();
     });

     expectLater(pub.nextErrLine(), equals('OAuth2 authorization failed (your '
         'token sucks).'));
     // TODO(rnystrom): The confirm line is run together with this one because
     // in normal usage, the user will have entered a newline on stdin which
     // gets echoed to the terminal. Do something better here?
     expectLater(pub.nextLine(), equals(
         'Looks great! Are you ready to upload your package (y/n)? '
         'Pub needs your authorization to upload packages on your behalf.'));
     pub.kill();
   });
 }

 void authorizePub(ScheduledProcess pub, ScheduledServer server,
     [String accessToken="access token"]) {
   // TODO(rnystrom): The confirm line is run together with this one because
   // in normal usage, the user will have entered a newline on stdin which
   // gets echoed to the terminal. Do something better here?
   expectLater(pub.nextLine(), equals(
       'Looks great! Are you ready to upload your package (y/n)? '
       'Pub needs your authorization to upload packages on your behalf.'));

   expectLater(pub.nextLine().then((line) {
     var match = new RegExp(r'[?&]redirect_uri=([0-9a-zA-Z%+-]+)[$&]')
         .firstMatch(line);
     expect(match, isNotNull);

     var redirectUrl = Uri.parse(decodeUriComponent(match.group(1)));
     redirectUrl = addQueryParameters(redirectUrl, {'code': 'access code'});
     return (new http.Request('GET', redirectUrl)..followRedirects = false)
       .send();
   }).then((response) {
     expect(response.headers['location'],
         equals('http://pub.dartlang.org/authorized'));
   }), anything);

   handleAccessTokenRequest(server, accessToken);
 }

 void handleAccessTokenRequest(ScheduledServer server, String accessToken) {
   server.handle('POST', '/token', (request, response) {
     return wrapInputStream(request.inputStream).toBytes().then((bytes) {
       var body = new String.fromCharCodes(bytes);
       expect(body, matches(new RegExp(r'(^|&)code=access\+code(&|$)')));

       response.headers.contentType = new ContentType("application", "json");
       response.outputStream.writeString(json.stringify({
         "access_token": accessToken,
         "token_type": "bearer"
       }));
       response.outputStream.close();
     });
   });
 }
	// Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
	// for details. All rights reserved. Use of this source code is governed by a
	// BSD-style license that can be found in the LICENSE file.

	library oauth2_test;

	import 'dart:io';
	import 'dart:json' as json;
	import 'dart:uri';

	import 'test_pub.dart';
	import '../../../pkg/http/lib/http.dart' as http;
	import '../../../pkg/unittest/lib/unittest.dart';
	import '../../pub/io.dart';
	import '../../pub/utils.dart';

	main() {
	setUp(() => normalPackage.scheduleCreate());

	integration('with no credentials.json, authenticates and saves '
	'credentials.json', () {
	var server = new ScheduledServer();
	var pub = startPubLish(server);
	confirmPublish(pub);
	authorizePub(pub, server);

	server.handle('GET', '/packages/versions/new.json', (request, response) {
	expect(request.headers.value('authorization'),
	equals('Bearer access token'));

	response.outputStream.close();
	});

	// After we give pub an invalid response, it should crash. We wait for it to
	// do so rather than killing it so it'll write out the credentials file.
	pub.shouldExit(1);

	credentialsFile(server, 'access token').scheduleValidate();
	});

	integration('with a pre-existing credentials.json does not authenticate', () {
	var server = new ScheduledServer();
	credentialsFile(server, 'access token').scheduleCreate();
	var pub = startPubLish(server);
	confirmPublish(pub);

	server.handle('GET', '/packages/versions/new.json', (request, response) {
	expect(request.headers.value('authorization'),
	equals('Bearer access token'));

	response.outputStream.close();
	});

	pub.kill();
	});

	integration('with an expired credentials.json, refreshes and saves the '
	'refreshed access token to credentials.json', () {
	var server = new ScheduledServer();
	credentialsFile(server, 'access token',
	refreshToken: 'refresh token',
	expiration: new DateTime.now().subtract(new Duration(hours: 1)))
	.scheduleCreate();

	var pub = startPubLish(server);
	confirmPublish(pub);

	server.handle('POST', '/token', (request, response) {
	return wrapInputStream(request.inputStream).toBytes().then((bytes) {
	var body = new String.fromCharCodes(bytes);
	expect(body, matches(
	new RegExp(r'(^\|&)refresh_token=refresh\+token(&\|$)')));

	response.headers.contentType = new ContentType("application", "json");
	response.outputStream.writeString(json.stringify({
	"access_token": "new access token",
	"token_type": "bearer"
	}));
	response.outputStream.close();
	});
	});

	server.handle('GET', '/packages/versions/new.json', (request, response) {
	expect(request.headers.value('authorization'),
	equals('Bearer new access token'));

	response.outputStream.close();
	});

	pub.shouldExit();

	credentialsFile(server, 'new access token', refreshToken: 'refresh token')
	.scheduleValidate();
	});

	integration('with an expired credentials.json without a refresh token, '
	'authenticates again and saves credentials.json', () {
	var server = new ScheduledServer();
	credentialsFile(server, 'access token',
	expiration: new DateTime.now().subtract(new Duration(hours: 1)))
	.scheduleCreate();

	var pub = startPubLish(server);
	confirmPublish(pub);

	expectLater(pub.nextErrLine(), equals("Pub's authorization to upload "
	"packages has expired and can't be automatically refreshed."));
	authorizePub(pub, server, "new access token");

	server.handle('GET', '/packages/versions/new.json', (request, response) {
	expect(request.headers.value('authorization'),
	equals('Bearer new access token'));

	response.outputStream.close();
	});

	// After we give pub an invalid response, it should crash. We wait for it to
	// do so rather than killing it so it'll write out the credentials file.
	pub.shouldExit(1);

	credentialsFile(server, 'new access token').scheduleValidate();
	});

	integration('with a malformed credentials.json, authenticates again and '
	'saves credentials.json', () {
	var server = new ScheduledServer();
	dir(cachePath, [
	file('credentials.json', '{bad json')
	]).scheduleCreate();

	var pub = startPubLish(server);
	confirmPublish(pub);
	authorizePub(pub, server, "new access token");

	server.handle('GET', '/packages/versions/new.json', (request, response) {
	expect(request.headers.value('authorization'),
	equals('Bearer new access token'));

	response.outputStream.close();
	});


	// After we give pub an invalid response, it should crash. We wait for it to
	// do so rather than killing it so it'll write out the credentials file.
	pub.shouldExit(1);

	credentialsFile(server, 'new access token').scheduleValidate();
	});

	integration('with server-rejected credentials, authenticates again and saves '
	'credentials.json', () {
	var server = new ScheduledServer();
	credentialsFile(server, 'access token').scheduleCreate();
	var pub = startPubLish(server);

	confirmPublish(pub);

	server.handle('GET', '/packages/versions/new.json', (request, response) {
	response.statusCode = 401;
	response.headers.set('www-authenticate', 'Bearer error="invalid_token",'
	' error_description="your token sucks"');
	response.outputStream.writeString(json.stringify({
	'error': {'message': 'your token sucks'}
	}));
	response.outputStream.close();
	});

	expectLater(pub.nextErrLine(), equals('OAuth2 authorization failed (your '
	'token sucks).'));
	// TODO(rnystrom): The confirm line is run together with this one because
	// in normal usage, the user will have entered a newline on stdin which
	// gets echoed to the terminal. Do something better here?
	expectLater(pub.nextLine(), equals(
	'Looks great! Are you ready to upload your package (y/n)? '
	'Pub needs your authorization to upload packages on your behalf.'));
	pub.kill();
	});
	}

	void authorizePub(ScheduledProcess pub, ScheduledServer server,
	[String accessToken="access token"]) {
	// TODO(rnystrom): The confirm line is run together with this one because
	// in normal usage, the user will have entered a newline on stdin which
	// gets echoed to the terminal. Do something better here?
	expectLater(pub.nextLine(), equals(
	'Looks great! Are you ready to upload your package (y/n)? '
	'Pub needs your authorization to upload packages on your behalf.'));

	expectLater(pub.nextLine().then((line) {
	var match = new RegExp(r'[?&]redirect_uri=([0-9a-zA-Z%+-]+)[$&]')
	.firstMatch(line);
	expect(match, isNotNull);

	var redirectUrl = Uri.parse(decodeUriComponent(match.group(1)));
	redirectUrl = addQueryParameters(redirectUrl, {'code': 'access code'});
	return (new http.Request('GET', redirectUrl)..followRedirects = false)
	.send();
	}).then((response) {
	expect(response.headers['location'],
	equals('http://pub.dartlang.org/authorized'));
	}), anything);

	handleAccessTokenRequest(server, accessToken);
	}

	void handleAccessTokenRequest(ScheduledServer server, String accessToken) {
	server.handle('POST', '/token', (request, response) {
	return wrapInputStream(request.inputStream).toBytes().then((bytes) {
	var body = new String.fromCharCodes(bytes);
	expect(body, matches(new RegExp(r'(^\|&)code=access\+code(&\|$)')));

	response.headers.contentType = new ContentType("application", "json");
	response.outputStream.writeString(json.stringify({
	"access_token": accessToken,
	"token_type": "bearer"
	}));
	response.outputStream.close();
	});
	});
	}