feat: exchange saml assertion for an access token

author: mo khan <mo@mokhan.ca> 2025-03-25 09:51:32 -0600
committer: mo khan <mo@mokhan.ca> 2025-03-25 09:51:32 -0600
commit: 0704a779e5a20611bb8ee685a0dcdc1bebe74ba9 (patch)
tree: ff3d136c49888be9c48ede137d2d1e516729921d /test/e2e_test.go
parent: c866f5e8fe3d3d5fd311711bfc07d23ecfec3cd1 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/test/e2e_test.go b/test/e2e_test.go
index 40ed943..19c09af 100644
--- a/test/e2e_test.go
+++ b/test/e2e_test.go
@@ -3,6 +3,7 @@ package main
 import (
 	"bytes"
 	"context"
+	"encoding/base64"
 	"net/http"
 	"net/url"
 	"strings"
@@ -58,6 +59,20 @@ func TestAuthx(t *testing.T) {
 			assert.Equal(t, "http://ui.example.com:8080/saml/assertions", action)
 			assert.NoError(t, page.Locator("#submit-button").Click())
 			assert.Contains(t, x.Must(page.Content()), "Received SAML Response")
+
+			t.Run("exchange SAML assertion for access token", func(t *testing.T) {
+				samlAssertion := x.Must(page.Locator("#saml-response").TextContent())
+				io := bytes.NewBuffer(nil)
+				assert.NoError(t, serde.ToJSON(io, map[string]string{
+					"assertion":  samlAssertion,
+					"grant_type": "urn:ietf:params:oauth:grant-type:saml2-bearer",
+				}))
+				request := x.Must(http.NewRequestWithContext(t.Context(), "POST", "http://idp.example.com:8080/oauth/token", io))
+				request.Header.Add("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("client_id:client_secret")))
+				request.Header.Add("Content-Type", "application/json ")
+				response := x.Must(client.Do(request))
+				require.Equal(t, http.StatusOK, response.StatusCode)
+			})
 		})
 	})
author	mo khan <mo@mokhan.ca>	2025-03-25 09:51:32 -0600
committer	mo khan <mo@mokhan.ca>	2025-03-25 09:51:32 -0600
commit	0704a779e5a20611bb8ee685a0dcdc1bebe74ba9 (patch)
tree	ff3d136c49888be9c48ede137d2d1e516729921d /test/e2e_test.go
parent	c866f5e8fe3d3d5fd311711bfc07d23ecfec3cd1 (diff)