gotosocial/internal/oauth/oauth_test.go

package oauth

import (
	"context"
	"fmt"
	"testing"
	"time"

	"github.com/go-pg/pg/v10"
	"github.com/go-pg/pg/v10/orm"
	"github.com/gotosocial/gotosocial/internal/api"
	"github.com/gotosocial/gotosocial/internal/config"
	"github.com/gotosocial/gotosocial/internal/gtsmodel"
	"github.com/gotosocial/oauth2/v4"
	"github.com/sirupsen/logrus"
	"github.com/stretchr/testify/suite"
	"golang.org/x/crypto/bcrypt"
)

type OauthTestSuite struct {
	suite.Suite
	tokenStore  oauth2.TokenStore
	clientStore oauth2.ClientStore
	conn        *pg.DB
	testAccount *gtsmodel.Account
	testUser    *gtsmodel.User
	testClient  *oauthClient
	config      *config.Config
}

const ()

// SetupSuite sets some variables on the suite that we can use as consts (more or less) throughout
func (suite *OauthTestSuite) SetupSuite() {
	encryptedPassword, err := bcrypt.GenerateFromPassword([]byte("test-password"), bcrypt.DefaultCost)
	if err != nil {
		logrus.Panicf("error encrypting user pass: %s", err)
	}

	suite.testAccount = &gtsmodel.Account{}
	suite.testUser = &gtsmodel.User{
		EncryptedPassword: string(encryptedPassword),
		Email:             "user@localhost",
		AccountID:         "some-account-id-it-doesn't-matter-really-since-this-user-doesn't-actually-have-an-account!",
	}
	suite.testClient = &oauthClient{
		ID:     "a-known-client-id",
		Secret: "some-secret",
		Domain: "http://localhost:8080",
	}

	// because go tests are run within the test package directory, we need to fiddle with the templateconfig
	// basedir in a way that we wouldn't normally have to do when running the binary, in order to make
	// the templates actually load
	c := config.Empty()
	c.TemplateConfig.BaseDir = "../../web/template/"
	suite.config = c
}

// SetupTest creates a postgres connection and creates the oauth_clients table before each test
func (suite *OauthTestSuite) SetupTest() {
	suite.conn = pg.Connect(&pg.Options{})
	if err := suite.conn.Ping(context.Background()); err != nil {
		logrus.Panicf("db connection error: %s", err)
	}

	models := []interface{}{
		&oauthClient{},
		&oauthToken{},
		&gtsmodel.User{},
		&gtsmodel.Account{},
		&gtsmodel.Application{},
	}

	for _, m := range models {
		if err := suite.conn.Model(m).CreateTable(&orm.CreateTableOptions{
			IfNotExists: true,
		}); err != nil {
			logrus.Panicf("db connection error: %s", err)
		}
	}

	suite.tokenStore = NewPGTokenStore(context.Background(), suite.conn, logrus.New())
	suite.clientStore = NewPGClientStore(suite.conn)

	if _, err := suite.conn.Model(suite.testUser).Insert(); err != nil {
		logrus.Panicf("could not insert test user into db: %s", err)
	}

	if _, err := suite.conn.Model(suite.testClient).Insert(); err != nil {
		logrus.Panicf("could not insert test client into db: %s", err)
	}

}

// TearDownTest drops the oauth_clients table and closes the pg connection after each test
func (suite *OauthTestSuite) TearDownTest() {
	models := []interface{}{
		&oauthClient{},
		&oauthToken{},
		&gtsmodel.User{},
		&gtsmodel.Account{},
		&gtsmodel.Application{},
	}
	for _, m := range models {
		if err := suite.conn.Model(m).DropTable(&orm.DropTableOptions{}); err != nil {
			logrus.Panicf("drop table error: %s", err)
		}
	}
	if err := suite.conn.Close(); err != nil {
		logrus.Panicf("error closing db connection: %s", err)
	}
	suite.conn = nil
}

func (suite *OauthTestSuite) TestAPIInitialize() {
	log := logrus.New()
	log.SetLevel(logrus.TraceLevel)

	r := api.New(suite.config, log)
	api := New(suite.tokenStore, suite.clientStore, suite.conn, log)
	if err := api.AddRoutes(r); err != nil {
		suite.FailNow(fmt.Sprintf("error initializing api: %s", err))
	}
	go r.Start()
	time.Sleep(30 * time.Second)
	// http://localhost:8080/oauth/authorize?client_id=a-known-client-id&response_type=code&redirect_uri=https://example.org
	// http://localhost:8080/oauth/authorize?client_id=a-known-client-id&response_type=code&redirect_uri=urn:ietf:wg:oauth:2.0:oob
}

func TestOauthTestSuite(t *testing.T) {
	suite.Run(t, new(OauthTestSuite))
}
Some more messing around with oauth2 2021-03-17 11:33:06 +01:00			`package oauth`

			`import (`
			`"context"`
fix lint errors 2021-03-20 19:44:18 +01:00			`"fmt"`
Some more messing around with oauth2 2021-03-17 11:33:06 +01:00			`"testing"`
			`"time"`

			`"github.com/go-pg/pg/v10"`
			`"github.com/go-pg/pg/v10/orm"`
			`"github.com/gotosocial/gotosocial/internal/api"`
			`"github.com/gotosocial/gotosocial/internal/config"`
			`"github.com/gotosocial/gotosocial/internal/gtsmodel"`
			`"github.com/gotosocial/oauth2/v4"`
			`"github.com/sirupsen/logrus"`
			`"github.com/stretchr/testify/suite"`
			`"golang.org/x/crypto/bcrypt"`
			`)`

			`type OauthTestSuite struct {`
			`suite.Suite`
getting there....... 2021-03-17 16:01:31 +01:00			`tokenStore oauth2.TokenStore`
			`clientStore oauth2.ClientStore`
			`conn *pg.DB`
tidying up 2021-03-20 19:06:28 +01:00			`testAccount *gtsmodel.Account`
getting there....... 2021-03-17 16:01:31 +01:00			`testUser *gtsmodel.User`
			`testClient *oauthClient`
			`config *config.Config`
Some more messing around with oauth2 2021-03-17 11:33:06 +01:00			`}`

			`const ()`

			`// SetupSuite sets some variables on the suite that we can use as consts (more or less) throughout`
			`func (suite *OauthTestSuite) SetupSuite() {`
			`encryptedPassword, err := bcrypt.GenerateFromPassword([]byte("test-password"), bcrypt.DefaultCost)`
			`if err != nil {`
			`logrus.Panicf("error encrypting user pass: %s", err)`
			`}`
getting there....... 2021-03-17 16:01:31 +01:00
go fmt 2021-03-20 19:08:17 +01:00			`suite.testAccount = &gtsmodel.Account{}`
Some more messing around with oauth2 2021-03-17 11:33:06 +01:00			`suite.testUser = &gtsmodel.User{`
			`EncryptedPassword: string(encryptedPassword),`
allow showing just code 2021-03-20 00:18:44 +01:00			`Email: "user@localhost",`
auth flow working for code 2021-03-18 23:27:43 +01:00			`AccountID: "some-account-id-it-doesn't-matter-really-since-this-user-doesn't-actually-have-an-account!",`
getting there....... 2021-03-17 16:01:31 +01:00			`}`
			`suite.testClient = &oauthClient{`
			`ID: "a-known-client-id",`
			`Secret: "some-secret",`
allow showing just code 2021-03-20 00:18:44 +01:00			`Domain: "http://localhost:8080",`
Some more messing around with oauth2 2021-03-17 11:33:06 +01:00			`}`
auth flow working for code 2021-03-18 23:27:43 +01:00
			`// because go tests are run within the test package directory, we need to fiddle with the templateconfig`
			`// basedir in a way that we wouldn't normally have to do when running the binary, in order to make`
			`// the templates actually load`
			`c := config.Empty()`
			`c.TemplateConfig.BaseDir = "../../web/template/"`
			`suite.config = c`
Some more messing around with oauth2 2021-03-17 11:33:06 +01:00			`}`

			`// SetupTest creates a postgres connection and creates the oauth_clients table before each test`
			`func (suite *OauthTestSuite) SetupTest() {`
			`suite.conn = pg.Connect(&pg.Options{})`
			`if err := suite.conn.Ping(context.Background()); err != nil {`
			`logrus.Panicf("db connection error: %s", err)`
			`}`

			`models := []interface{}{`
			`&oauthClient{},`
			`&oauthToken{},`
			`&gtsmodel.User{},`
tidying up 2021-03-20 19:06:28 +01:00			`&gtsmodel.Account{},`
			`&gtsmodel.Application{},`
Some more messing around with oauth2 2021-03-17 11:33:06 +01:00			`}`

			`for _, m := range models {`
			`if err := suite.conn.Model(m).CreateTable(&orm.CreateTableOptions{`
			`IfNotExists: true,`
			`}); err != nil {`
			`logrus.Panicf("db connection error: %s", err)`
			`}`
			`}`

			`suite.tokenStore = NewPGTokenStore(context.Background(), suite.conn, logrus.New())`
			`suite.clientStore = NewPGClientStore(suite.conn)`

			`if _, err := suite.conn.Model(suite.testUser).Insert(); err != nil {`
			`logrus.Panicf("could not insert test user into db: %s", err)`
			`}`

getting there....... 2021-03-17 16:01:31 +01:00			`if _, err := suite.conn.Model(suite.testClient).Insert(); err != nil {`
			`logrus.Panicf("could not insert test client into db: %s", err)`
			`}`

Some more messing around with oauth2 2021-03-17 11:33:06 +01:00			`}`

			`// TearDownTest drops the oauth_clients table and closes the pg connection after each test`
			`func (suite *OauthTestSuite) TearDownTest() {`
			`models := []interface{}{`
			`&oauthClient{},`
			`&oauthToken{},`
			`&gtsmodel.User{},`
tidying up 2021-03-20 19:06:28 +01:00			`&gtsmodel.Account{},`
			`&gtsmodel.Application{},`
Some more messing around with oauth2 2021-03-17 11:33:06 +01:00			`}`
			`for _, m := range models {`
			`if err := suite.conn.Model(m).DropTable(&orm.DropTableOptions{}); err != nil {`
			`logrus.Panicf("drop table error: %s", err)`
			`}`
			`}`
			`if err := suite.conn.Close(); err != nil {`
			`logrus.Panicf("error closing db connection: %s", err)`
			`}`
			`suite.conn = nil`
			`}`

			`func (suite *OauthTestSuite) TestAPIInitialize() {`
			`log := logrus.New()`
almost there 2021-03-17 19:52:36 +01:00			`log.SetLevel(logrus.TraceLevel)`
Some more messing around with oauth2 2021-03-17 11:33:06 +01:00
			`r := api.New(suite.config, log)`
			`api := New(suite.tokenStore, suite.clientStore, suite.conn, log)`
fix lint errors 2021-03-20 19:44:18 +01:00			`if err := api.AddRoutes(r); err != nil {`
			`suite.FailNow(fmt.Sprintf("error initializing api: %s", err))`
			`}`
Some more messing around with oauth2 2021-03-17 11:33:06 +01:00			`go r.Start()`
			`time.Sleep(30 * time.Second)`
auth flow working for code 2021-03-18 23:27:43 +01:00			`// http://localhost:8080/oauth/authorize?client_id=a-known-client-id&response_type=code&redirect_uri=https://example.org`
allow showing just code 2021-03-20 00:18:44 +01:00			`// http://localhost:8080/oauth/authorize?client_id=a-known-client-id&response_type=code&redirect_uri=urn:ietf:wg:oauth:2.0:oob`
Some more messing around with oauth2 2021-03-17 11:33:06 +01:00			`}`

			`func TestOauthTestSuite(t *testing.T) {`
			`suite.Run(t, new(OauthTestSuite))`
			`}`