main
1package web
2
3import (
4 "encoding/json"
5 "net/http"
6 "net/http/httptest"
7 "strings"
8 "testing"
9
10 "github.com/stretchr/testify/assert"
11 "mokhan.ca/xlgmokha/idp/pkg/dto"
12)
13
14func TestRegister(t *testing.T) {
15 srv := NewHttpContext(&Configuration{Issuer: "https://example.com", KeyData: []byte{}})
16
17 t.Run("POST /register", func(t *testing.T) {
18 t.Run("with a valid request body", func(t *testing.T) {
19 w := httptest.NewRecorder()
20
21 r := httptest.NewRequest("POST", "/register", strings.NewReader(`{
22 "redirect_uris": ["https://client.example.org/callback"],
23 "client_name": "My Client",
24 "token_endpoint_auth_method": "client_secret_basic",
25 "logo_uri": "https://client.example.org/logo.png",
26 "jwks_uri": "https://client.example.org/my_public_keys.jwks"
27 }`,
28 ))
29 r.Header.Set("Content-Type", "application/json")
30 r.Header.Set("Accept", "application/json")
31
32 srv.Router().ServeHTTP(w, r)
33
34 assert.Equal(t, http.StatusCreated, w.Result().StatusCode)
35 assert.Equal(t, "application/json", w.HeaderMap.Get("Content-Type"))
36 assert.Equal(t, "no-store", w.HeaderMap.Get("Cache-Control"))
37 assert.Equal(t, "no-cache", w.HeaderMap.Get("Pragma"))
38
39 var x dto.ClientInformationResponse
40 json.NewDecoder(w.Body).Decode(&x)
41
42 assert.Equal(t, "My Client", x.ClientName)
43 assert.Equal(t, dto.ClientSecretBasic, x.TokenEndpointAuthMethod)
44 assert.Equal(t, "https://client.example.org/callback", x.RedirectUris[0])
45 assert.Equal(t, "https://client.example.org/logo.png", x.LogoUri)
46 assert.Equal(t, "https://client.example.org/my_public_keys.jwks", x.JWKSUri)
47 assert.Equal(t, 1, len(x.RedirectUris))
48 assert.NotEmpty(t, x.ClientId)
49 assert.NotEmpty(t, x.ClientIdIssuedAt)
50 assert.NotEmpty(t, x.ClientSecret)
51 assert.NotEmpty(t, x.ClientSecretExpiresAt)
52 })
53
54 t.Run("with an invalid request body", func(t *testing.T) {
55 w := httptest.NewRecorder()
56
57 body := `{"redirect_uris": ["], "client_name": "", "token_endpoint_auth_method": ""}`
58 r := httptest.NewRequest("POST", "/register", strings.NewReader(body))
59 r.Header.Set("Content-Type", "application/json")
60 r.Header.Set("Accept", "application/json")
61
62 srv.Router().ServeHTTP(w, r)
63
64 assert.Equal(t, "application/json", w.HeaderMap.Get("Content-Type"))
65 assert.Equal(t, "no-store", w.HeaderMap.Get("Cache-Control"))
66 assert.Equal(t, "no-cache", w.HeaderMap.Get("Pragma"))
67 assert.Equal(t, http.StatusBadRequest, w.Result().StatusCode)
68
69 var params map[string]string
70 json.NewDecoder(w.Body).Decode(¶ms)
71
72 assert.Equal(t, "invalid_client_metadata", params["error"])
73 assert.NotEmpty(t, params["error_description"])
74 })
75 })
76}