aboutsummaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
Diffstat (limited to 'test')
-rw-r--r--test/pleroma/web/plugs/o_auth_plug_test.exs99
-rw-r--r--test/pleroma/web/plugs/session_authentication_plug_test.exs65
-rw-r--r--test/pleroma/web/plugs/set_user_session_id_plug_test.exs19
3 files changed, 81 insertions, 102 deletions
diff --git a/test/pleroma/web/plugs/o_auth_plug_test.exs b/test/pleroma/web/plugs/o_auth_plug_test.exs
index b9d722f76..ad2aa5d1b 100644
--- a/test/pleroma/web/plugs/o_auth_plug_test.exs
+++ b/test/pleroma/web/plugs/o_auth_plug_test.exs
@@ -5,43 +5,48 @@
defmodule Pleroma.Web.Plugs.OAuthPlugTest do
use Pleroma.Web.ConnCase, async: true
+ alias Pleroma.Web.OAuth.Token
+ alias Pleroma.Web.OAuth.Token.Strategy.Revoke
alias Pleroma.Web.Plugs.OAuthPlug
- import Pleroma.Factory
+ alias Plug.Session
- @session_opts [
- store: :cookie,
- key: "_test",
- signing_salt: "cooldude"
- ]
+ import Pleroma.Factory
setup %{conn: conn} do
user = insert(:user)
- {:ok, %{token: token}} = Pleroma.Web.OAuth.Token.create(insert(:oauth_app), user)
- %{user: user, token: token, conn: conn}
+ {:ok, oauth_token} = Token.create(insert(:oauth_app), user)
+ %{user: user, token: oauth_token, conn: conn}
+ end
+
+ test "it does nothing if a user is assigned", %{conn: conn} do
+ conn = assign(conn, :user, %Pleroma.User{})
+ ret_conn = OAuthPlug.call(conn, %{})
+
+ assert ret_conn == conn
end
- test "with valid token(uppercase), it assigns the user", %{conn: conn} = opts do
+ test "with valid token (uppercase) in auth header, it assigns the user", %{conn: conn} = opts do
conn =
conn
- |> put_req_header("authorization", "BEARER #{opts[:token]}")
+ |> put_req_header("authorization", "BEARER #{opts[:token].token}")
|> OAuthPlug.call(%{})
assert conn.assigns[:user] == opts[:user]
end
- test "with valid token(downcase), it assigns the user", %{conn: conn} = opts do
+ test "with valid token (downcase) in auth header, it assigns the user", %{conn: conn} = opts do
conn =
conn
- |> put_req_header("authorization", "bearer #{opts[:token]}")
+ |> put_req_header("authorization", "bearer #{opts[:token].token}")
|> OAuthPlug.call(%{})
assert conn.assigns[:user] == opts[:user]
end
- test "with valid token(downcase) in url parameters, it assigns the user", opts do
+ test "with valid token (downcase) in url parameters, it assigns the user", opts do
conn =
:get
- |> build_conn("/?access_token=#{opts[:token]}")
+ |> build_conn("/?access_token=#{opts[:token].token}")
|> put_req_header("content-type", "application/json")
|> fetch_query_params()
|> OAuthPlug.call(%{})
@@ -49,16 +54,16 @@ defmodule Pleroma.Web.Plugs.OAuthPlugTest do
assert conn.assigns[:user] == opts[:user]
end
- test "with valid token(downcase) in body parameters, it assigns the user", opts do
+ test "with valid token (downcase) in body parameters, it assigns the user", opts do
conn =
:post
- |> build_conn("/api/v1/statuses", access_token: opts[:token], status: "test")
+ |> build_conn("/api/v1/statuses", access_token: opts[:token].token, status: "test")
|> OAuthPlug.call(%{})
assert conn.assigns[:user] == opts[:user]
end
- test "with invalid token, it not assigns the user", %{conn: conn} do
+ test "with invalid token, it does not assign the user", %{conn: conn} do
conn =
conn
|> put_req_header("authorization", "bearer TTTTT")
@@ -67,14 +72,56 @@ defmodule Pleroma.Web.Plugs.OAuthPlugTest do
refute conn.assigns[:user]
end
- test "when token is missed but token in session, it assigns the user", %{conn: conn} = opts do
- conn =
- conn
- |> Plug.Session.call(Plug.Session.init(@session_opts))
- |> fetch_session()
- |> put_session(:oauth_token, opts[:token])
- |> OAuthPlug.call(%{})
-
- assert conn.assigns[:user] == opts[:user]
+ describe "with :oauth_token in session, " do
+ setup %{token: oauth_token, conn: conn} do
+ session_opts = [
+ store: :cookie,
+ key: "_test",
+ signing_salt: "cooldude"
+ ]
+
+ conn =
+ conn
+ |> Session.call(Session.init(session_opts))
+ |> fetch_session()
+ |> put_session(:oauth_token, oauth_token.token)
+
+ %{conn: conn}
+ end
+
+ test "if session-stored token matches a valid OAuth token, assigns :user and :token", %{
+ conn: conn,
+ user: user,
+ token: oauth_token
+ } do
+ conn = OAuthPlug.call(conn, %{})
+
+ assert conn.assigns.user && conn.assigns.user.id == user.id
+ assert conn.assigns.token && conn.assigns.token.id == oauth_token.id
+ end
+
+ test "if session-stored token matches an expired OAuth token, does nothing", %{
+ conn: conn,
+ token: oauth_token
+ } do
+ expired_valid_until = NaiveDateTime.add(NaiveDateTime.utc_now(), -3600 * 24, :second)
+
+ oauth_token
+ |> Ecto.Changeset.change(valid_until: expired_valid_until)
+ |> Pleroma.Repo.update()
+
+ ret_conn = OAuthPlug.call(conn, %{})
+ assert ret_conn == conn
+ end
+
+ test "if session-stored token matches a revoked OAuth token, does nothing", %{
+ conn: conn,
+ token: oauth_token
+ } do
+ Revoke.revoke(oauth_token)
+
+ ret_conn = OAuthPlug.call(conn, %{})
+ assert ret_conn == conn
+ end
end
end
diff --git a/test/pleroma/web/plugs/session_authentication_plug_test.exs b/test/pleroma/web/plugs/session_authentication_plug_test.exs
deleted file mode 100644
index d027331a9..000000000
--- a/test/pleroma/web/plugs/session_authentication_plug_test.exs
+++ /dev/null
@@ -1,65 +0,0 @@
-# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
-# SPDX-License-Identifier: AGPL-3.0-only
-
-defmodule Pleroma.Web.Plugs.SessionAuthenticationPlugTest do
- use Pleroma.Web.ConnCase, async: true
-
- alias Pleroma.User
- alias Pleroma.Web.Plugs.OAuthScopesPlug
- alias Pleroma.Web.Plugs.PlugHelper
- alias Pleroma.Web.Plugs.SessionAuthenticationPlug
-
- setup %{conn: conn} do
- session_opts = [
- store: :cookie,
- key: "_test",
- signing_salt: "cooldude"
- ]
-
- conn =
- conn
- |> Plug.Session.call(Plug.Session.init(session_opts))
- |> fetch_session()
- |> assign(:auth_user, %User{id: 1})
-
- %{conn: conn}
- end
-
- test "it does nothing if a user is assigned", %{conn: conn} do
- conn = assign(conn, :user, %User{})
- ret_conn = SessionAuthenticationPlug.call(conn, %{})
-
- assert ret_conn == conn
- end
-
- # Scenario: requester has the cookie and knows the username (not necessarily knows the password)
- test "if the auth_user has the same id as the user_id in the session, it assigns the user", %{
- conn: conn
- } do
- conn =
- conn
- |> put_session(:user_id, conn.assigns.auth_user.id)
- |> SessionAuthenticationPlug.call(%{})
-
- assert conn.assigns.user == conn.assigns.auth_user
- assert conn.assigns.token == nil
- assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug)
- end
-
- # Scenario: requester has the cookie but doesn't know the username
- test "if the auth_user has a different id as the user_id in the session, it does nothing", %{
- conn: conn
- } do
- conn = put_session(conn, :user_id, -1)
- ret_conn = SessionAuthenticationPlug.call(conn, %{})
-
- assert ret_conn == conn
- end
-
- test "if the session does not contain user_id, it does nothing", %{
- conn: conn
- } do
- assert conn == SessionAuthenticationPlug.call(conn, %{})
- end
-end
diff --git a/test/pleroma/web/plugs/set_user_session_id_plug_test.exs b/test/pleroma/web/plugs/set_user_session_id_plug_test.exs
index a89b5628f..a50e80107 100644
--- a/test/pleroma/web/plugs/set_user_session_id_plug_test.exs
+++ b/test/pleroma/web/plugs/set_user_session_id_plug_test.exs
@@ -5,7 +5,6 @@
defmodule Pleroma.Web.Plugs.SetUserSessionIdPlugTest do
use Pleroma.Web.ConnCase, async: true
- alias Pleroma.User
alias Pleroma.Web.Plugs.SetUserSessionIdPlug
setup %{conn: conn} do
@@ -18,28 +17,26 @@ defmodule Pleroma.Web.Plugs.SetUserSessionIdPlugTest do
conn =
conn
|> Plug.Session.call(Plug.Session.init(session_opts))
- |> fetch_session
+ |> fetch_session()
%{conn: conn}
end
test "doesn't do anything if the user isn't set", %{conn: conn} do
- ret_conn =
- conn
- |> SetUserSessionIdPlug.call(%{})
+ ret_conn = SetUserSessionIdPlug.call(conn, %{})
assert ret_conn == conn
end
- test "sets the user_id in the session to the user id of the user assign", %{conn: conn} do
- Code.ensure_compiled(Pleroma.User)
+ test "sets :oauth_token in session to :token assign", %{conn: conn} do
+ %{user: user, token: oauth_token} = oauth_access(["read"])
- conn =
+ ret_conn =
conn
- |> assign(:user, %User{id: 1})
+ |> assign(:user, user)
+ |> assign(:token, oauth_token)
|> SetUserSessionIdPlug.call(%{})
- id = get_session(conn, :user_id)
- assert id == 1
+ assert get_session(ret_conn, :oauth_token) == oauth_token.token
end
end
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-25 11:05:13 +0000