Google Git
Sign in
dart / sdk.git / refs/tags/1.8.0-dev.4.3 / . / pkg / oauth2 / test / client_test.dart
blob: ad552c00396b216ab93d75217eb9a621653cef2a [file] [log] [blame]
// Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
// for details. All rights reserved. Use of this source code is governed by a
// BSD-style license that can be found in the LICENSE file.
library client_test;
import 'dart:async';
import 'dart:convert';
import 'package:http/http.dart' as http;
import 'package:oauth2/oauth2.dart' as oauth2;
import 'package:unittest/unittest.dart';
import 'utils.dart';
final Uri requestUri = Uri.parse("http://example.com/resource");
final Uri tokenEndpoint = Uri.parse('http://example.com/token');
ExpectClient httpClient;
void createHttpClient() {
httpClient = new ExpectClient();
}
void main() {
group('with expired credentials', () {
setUp(createHttpClient);
test("that can't be refreshed throws an ExpirationException on send", () {
var expiration = new DateTime.now().subtract(new Duration(hours: 1));
var credentials = new oauth2.Credentials(
'access token', null, null, [], expiration);
var client = new oauth2.Client('identifier', 'secret', credentials,
httpClient: httpClient);
expect(client.get(requestUri),
throwsA(new isInstanceOf<oauth2.ExpirationException>()));
});
test("that can be refreshed refreshes the credentials and sends the "
"request", () {
var expiration = new DateTime.now().subtract(new Duration(hours: 1));
var credentials = new oauth2.Credentials(
'access token', 'refresh token', tokenEndpoint, [], expiration);
var client = new oauth2.Client('identifier', 'secret', credentials,
httpClient: httpClient);
httpClient.expectRequest((request) {
expect(request.method, equals('POST'));
expect(request.url.toString(), equals(tokenEndpoint.toString()));
return new Future.value(new http.Response(JSON.encode({
'access_token': 'new access token',
'token_type': 'bearer'
}), 200, headers: {'content-type': 'application/json'}));
});
httpClient.expectRequest((request) {
expect(request.method, equals('GET'));
expect(request.url.toString(), equals(requestUri.toString()));
expect(request.headers['authorization'],
equals('Bearer new access token'));
return new Future.value(new http.Response('good job', 200));
});
expect(client.read(requestUri).then((_) {
expect(client.credentials.accessToken, equals('new access token'));
}), completes);
});
});
group('with valid credentials', () {
setUp(createHttpClient);
test("sends a request with bearer authorization", () {
var credentials = new oauth2.Credentials('access token');
var client = new oauth2.Client('identifier', 'secret', credentials,
httpClient: httpClient);
httpClient.expectRequest((request) {
expect(request.method, equals('GET'));
expect(request.url.toString(), equals(requestUri.toString()));
expect(request.headers['authorization'], equals('Bearer access token'));
return new Future.value(new http.Response('good job', 200));
});
expect(client.read(requestUri), completion(equals('good job')));
});
test("can manually refresh the credentials", () {
var credentials = new oauth2.Credentials(
'access token', 'refresh token', tokenEndpoint);
var client = new oauth2.Client('identifier', 'secret', credentials,
httpClient: httpClient);
httpClient.expectRequest((request) {
expect(request.method, equals('POST'));
expect(request.url.toString(), equals(tokenEndpoint.toString()));
return new Future.value(new http.Response(JSON.encode({
'access_token': 'new access token',
'token_type': 'bearer'
}), 200, headers: {'content-type': 'application/json'}));
});
expect(client.refreshCredentials().then((_) {
expect(client.credentials.accessToken, equals('new access token'));
}), completes);
});
test("without a refresh token can't manually refresh the credentials", () {
var credentials = new oauth2.Credentials('access token');
var client = new oauth2.Client('identifier', 'secret', credentials,
httpClient: httpClient);
expect(client.refreshCredentials(), throwsA(isStateError));
});
});
group('with invalid credentials', () {
setUp(createHttpClient);
test('throws an AuthorizationException for a 401 response', () {
var credentials = new oauth2.Credentials('access token');
var client = new oauth2.Client('identifier', 'secret', credentials,
httpClient: httpClient);
httpClient.expectRequest((request) {
expect(request.method, equals('GET'));
expect(request.url.toString(), equals(requestUri.toString()));
expect(request.headers['authorization'], equals('Bearer access token'));
var authenticate = 'Bearer error="invalid_token", error_description='
'"Something is terribly wrong."';
return new Future.value(new http.Response('bad job', 401,
headers: {'www-authenticate': authenticate}));
});
expect(client.read(requestUri),
throwsA(new isInstanceOf<oauth2.AuthorizationException>()));
});
test('passes through a 401 response without www-authenticate', () {
var credentials = new oauth2.Credentials('access token');
var client = new oauth2.Client('identifier', 'secret', credentials,
httpClient: httpClient);
httpClient.expectRequest((request) {
expect(request.method, equals('GET'));
expect(request.url.toString(), equals(requestUri.toString()));
expect(request.headers['authorization'],
equals('Bearer access token'));
return new Future.value(new http.Response('bad job', 401));
});
expect(
client.get(requestUri).then((response) => response.statusCode),
completion(equals(401)));
});
test('passes through a 401 response with invalid www-authenticate', () {
var credentials = new oauth2.Credentials('access token');
var client = new oauth2.Client('identifier', 'secret', credentials,
httpClient: httpClient);
httpClient.expectRequest((request) {
expect(request.method, equals('GET'));
expect(request.url.toString(), equals(requestUri.toString()));
expect(request.headers['authorization'],
equals('Bearer access token'));
var authenticate = 'Bearer error="invalid_token", error_description='
'"Something is terribly wrong.", ';
return new Future.value(new http.Response('bad job', 401,
headers: {'www-authenticate': authenticate}));
});
expect(
client.get(requestUri).then((response) => response.statusCode),
completion(equals(401)));
});
test('passes through a 401 response with non-bearer www-authenticate', () {
var credentials = new oauth2.Credentials('access token');
var client = new oauth2.Client('identifier', 'secret', credentials,
httpClient: httpClient);
httpClient.expectRequest((request) {
expect(request.method, equals('GET'));
expect(request.url.toString(), equals(requestUri.toString()));
expect(request.headers['authorization'],
equals('Bearer access token'));
return new Future.value(new http.Response('bad job', 401,
headers: {'www-authenticate': 'Digest'}));
});
expect(
client.get(requestUri).then((response) => response.statusCode),
completion(equals(401)));
});
test('passes through a 401 response with non-OAuth2 www-authenticate', () {
var credentials = new oauth2.Credentials('access token');
var client = new oauth2.Client('identifier', 'secret', credentials,
httpClient: httpClient);
httpClient.expectRequest((request) {
expect(request.method, equals('GET'));
expect(request.url.toString(), equals(requestUri.toString()));
expect(request.headers['authorization'],
equals('Bearer access token'));
return new Future.value(new http.Response('bad job', 401,
headers: {'www-authenticate': 'Bearer'}));
});
expect(
client.get(requestUri).then((response) => response.statusCode),
completion(equals(401)));
});
});
}