authcodetest

package
v0.1.35 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 3, 2026 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

Package authcodetest provides a shared contract test suite for all core.AuthorizationCodeStore implementations (RFC 6749 §4.1). Each backend — in-memory, fs (follow-up), gorm (follow-up), gae (follow-up) — exercises the same behavioral scenarios by handing this package a Factory closure and calling RunAll. Mirrors the existing deviceauthtest precedent.

Why a shared suite: the per-backend test files for the device store had started to drift on small details (error wording, scope round-trip, LastPolledAt persistence). Pulling the scenarios into one place enforces the contract uniformly and makes adding the next backend a one-line RunAll invocation.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RunAll

func RunAll(t *testing.T, factory Factory)

RunAll runs the complete AuthorizationCodeStore contract suite against the provided factory. Each scenario gets a fresh Backend via factory(t) so state cannot leak between cases.

func TestCleanupExpired

func TestCleanupExpired(t *testing.T, factory Factory)

TestCleanupExpired pins the timer-driven sweep contract: codes with ExpiresAt at or before now are removed; codes still in their window survive.

func TestCollision

func TestCollision(t *testing.T, factory Factory)

TestCollision pins that re-creating a code is rejected. The code is the AS-issued unique handle the client redeems with; a silently-overwritten record would let a second client hijack the first's pending authorization.

func TestCreateAndGet

func TestCreateAndGet(t *testing.T, factory Factory)

TestCreateAndGet pins the happy-path round-trip: a freshly stored code returns every binding field unchanged on lookup. Pinning Scopes catches backends that drop the slice during JSON / SQL marshalling.

func TestDeleteConsumes

func TestDeleteConsumes(t *testing.T, factory Factory)

TestDeleteConsumes pins single-use semantics: a code that has been deleted is no longer reachable via GetAuthorizationCode. The redemption handler relies on this for replay protection — RFC 6749 §4.1.2 mandates that the AS MUST invalidate the code after first use.

func TestNotFound

func TestNotFound(t *testing.T, factory Factory)

TestNotFound pins that GetAuthorizationCode returns ErrAuthorizationCodeNotFound (not a generic error) when the record does not exist. The redemption handler maps the sentinel to `invalid_grant` per RFC 6749 §5.2; a generic error would surface as a 500.

func TestRestartPersists

func TestRestartPersists(t *testing.T, factory Factory)

TestRestartPersists pins durability for persistent backends. The scenario writes a code through the initial Store handle, reopens via Reopen, and reads the code back. For the in-memory backend this is trivially true (Reopen returns the same instance).

Types

type Backend

type Backend struct {
	Store  core.AuthorizationCodeStore
	Reopen func() core.AuthorizationCodeStore
}

Backend is the per-test fixture handed to every scenario. Store is the initial handle the test exercises; Reopen returns a fresh handle bound to the same backing storage so the RestartPersists scenario can simulate a process restart.

For persistent backends (fs / gorm / gae) Reopen constructs a new store rooted at the same dir / DB connection / namespace. For the in-memory backend Reopen returns the same instance — there is no underlying storage to reconnect to and the property the scenario pins ("data survives a fresh handle") is trivially true.

type Factory

type Factory func(t *testing.T) Backend

Factory creates a Backend per scenario. Persistent backends MUST close over per-test state (a tempdir from t.TempDir(), a *gorm.DB, a datastore namespace) so Store and Reopen both resolve to the same underlying storage within one scenario.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL