summaryrefslogtreecommitdiff
path: root/test/e2e_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'test/e2e_test.go')
-rw-r--r--test/e2e_test.go46
1 files changed, 37 insertions, 9 deletions
diff --git a/test/e2e_test.go b/test/e2e_test.go
index e4ef0a0..32737c7 100644
--- a/test/e2e_test.go
+++ b/test/e2e_test.go
@@ -92,17 +92,45 @@ func TestAuthx(t *testing.T) {
})
t.Run("OAuth", func(t *testing.T) {
- conf := &oauth2.Config{
- ClientID: "client_id",
- ClientSecret: "client_secret",
- Scopes: []string{"openid"},
- Endpoint: oauth2.Endpoint{
- TokenURL: "http://idp.example.com:8080/oauth/token",
- AuthURL: "http://idp.example.com:8080/oauth/authorize",
- },
- }
+ t.Run("GET /.well-known/oauth-authorization-server", func(t *testing.T) {
+ response := x.Must(client.Get("http://idp.example.com:8080/.well-known/oauth-authorization-server"))
+ assert.Equal(t, http.StatusOK, response.StatusCode)
+ metadata := x.Must(serde.FromJSON[map[string]interface{}](response.Body))
+ assert.Equal(t, "http://idp.example.com:8080/.well-known/oauth-authorization-server", metadata["issuer"])
+ assert.Equal(t, "http://idp.example.com:8080/oauth/authorize", metadata["authorization_endpoint"])
+ assert.Equal(t, "http://idp.example.com:8080/oauth/token", metadata["token_endpoint"])
+ // assert.NotEmpty(t, metadata["jwks_uri"])
+ // assert.NotEmpty(t, metadata["registration_endpoint"])
+ assert.NotEmpty(t, metadata["scopes_supported"])
+ assert.NotEmpty(t, metadata["response_types_supported"])
+ assert.NotEmpty(t, metadata["response_modes_supported"])
+ assert.NotEmpty(t, metadata["grant_types_supported"])
+ assert.NotEmpty(t, metadata["token_endpoint_auth_methods_supported"])
+ assert.NotEmpty(t, metadata["token_endpoint_auth_signing_alg_values_supported"])
+ // assert.NotEmpty(t, metadata["service_documentation"])
+ assert.NotEmpty(t, metadata["ui_locales_supported"])
+ // assert.NotEmpty(t, metadata["op_policy_uri"])
+ // assert.NotEmpty(t, metadata["op_tos_uri"])
+ assert.NotEmpty(t, metadata["revocation_endpoint"])
+ assert.NotEmpty(t, metadata["revocation_endpoint_auth_methods_supported"])
+ assert.NotEmpty(t, metadata["revocation_endpoint_auth_signing_alg_values_supported"])
+ assert.NotEmpty(t, metadata["introspection_endpoint"])
+ assert.NotEmpty(t, metadata["introspection_endpoint_auth_methods_supported"])
+ assert.NotEmpty(t, metadata["introspection_endpoint_auth_signing_alg_values_supported"])
+ // assert.NotEmpty(t, metadata["code_challenge_methods_supported"])
+ })
t.Run("authorization code grant", func(t *testing.T) {
+ conf := &oauth2.Config{
+ ClientID: "client_id",
+ ClientSecret: "client_secret",
+ Scopes: []string{"openid"},
+ Endpoint: oauth2.Endpoint{
+ TokenURL: "http://idp.example.com:8080/oauth/token",
+ AuthURL: "http://idp.example.com:8080/oauth/authorize",
+ },
+ }
+
authURL := conf.AuthCodeURL(
"state",
oauth2.SetAuthURLParam("client_id", "client_id"),
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-02 02:22:58 +0000