clone/vikunja
1
0
Fork 0
mirror of https://github.com/go-vikunja/vikunja.git synced 2026-05-03 02:16:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
fc9c21915df25827cdc4e421ddc07a22c375526c
vikunja/pkg/modules/auth/oauth2server/pkce_test.go
kolaente 649043aceb test: add tests for OAuth 2.0 authorization flow 
Add web tests covering the authorize endpoint, token exchange, PKCE
verification, single-use codes, and refresh token rotation. Add unit
tests for redirect URI validation and PKCE. Add E2E test for the full
browser-based authorization code flow with login redirect.

Extract setupApiUrl helper for E2E tests to avoid duplication.
2026-03-27 23:05:04 +00:00

52 lines
1.7 KiB
Go
Raw Blame History

// Vikunja is a to-do list application to facilitate your life.
// Copyright 2018-present Vikunja and contributors. All rights reserved.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.
package oauth2server
import (
"crypto/sha256"
"encoding/base64"
"testing"
"github.com/stretchr/testify/assert"
)
func TestVerifyPKCE(t *testing.T) {
t.Run("valid S256 verifier", func(t *testing.T) {
verifier := "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"
h := sha256.Sum256([]byte(verifier))
challenge := base64.RawURLEncoding.EncodeToString(h[:])
assert.True(t, VerifyPKCE(verifier, challenge, "S256"))
})
t.Run("wrong verifier", func(t *testing.T) {
verifier := "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"
h := sha256.Sum256([]byte(verifier))
challenge := base64.RawURLEncoding.EncodeToString(h[:])
assert.False(t, VerifyPKCE("wrong-verifier", challenge, "S256"))
})
t.Run("unsupported method", func(t *testing.T) {
assert.False(t, VerifyPKCE("verifier", "challenge", "plain"))
})
t.Run("empty method", func(t *testing.T) {
assert.False(t, VerifyPKCE("verifier", "challenge", ""))
})
}
Reference in New Issue View Git Blame Copy Permalink