# frozen_string_literal: true
require 'spec_helper'
# End-to-end HTTP checks against a running server. The bind address and the
# HTTP client are both read from RSpec.configuration, which is set up outside
# this file.
RSpec.describe "Server" do
  let(:host) { RSpec.configuration.bind_addr }
  # The suite talks to the server over plain HTTP.
  let(:base_url) { "http://#{host}" }
  let(:client) { RSpec.configuration.http }

  describe "GET /" do
    it 'returns OK' do
      expect(client.get("#{base_url}/").code).to eq("200")
    end
  end

  describe "GET /404" do
    it 'returns 404' do
      expect(client.get("#{base_url}/404").code).to eq("404")
    end
  end

  # https://datatracker.ietf.org/doc/html/rfc8414#section-3.1
  describe "GET /.well-known/oauth-authorization-server" do
    let(:response) { client.get("#{base_url}/.well-known/oauth-authorization-server") }
    let(:json) { JSON.parse(response.body, symbolize_names: true) }

    it { expect(response.code).to eq("200") }
    it { expect(response["Content-Type"]).to eq("application/json") }

    it 'returns required fields' do
      # The issuer must equal the URL the metadata was fetched from; clients
      # rely on that match to reject metadata served for a different issuer.
      # NOTE(review): RFC 8414 requires an https issuer. The http value
      # expected here follows from base_url and only fits a test deployment.
      expect(json[:issuer]).to eq(base_url)
      expect(json[:authorization_endpoint]).to eq("#{base_url}/authorize")
      expect(json[:token_endpoint]).to eq("#{base_url}/token")
      expect(json[:response_types_supported]).to match_array(%w[code])
    end

    it 'returns recommended fields' do
      expect(json[:scopes_supported]).to match_array(%w[openid profile email])
    end

    # Metadata the server does not publish yet. Each entry is a pending
    # example, so it is expected to fail until the field is implemented.
    # NOTE(review): the eq("") expectations are placeholders, not target
    # values; replace each one when its field is added. Per RFC 8414, a
    # server that omits code_challenge_methods_supported is treated as not
    # supporting PKCE.
    describe "optional fields" do
      pending { expect(json[:response_modes_supported]).to eq("") }
      pending { expect(json[:jwks_uri]).to eq("#{base_url}/jwks.json") }
      pending { expect(json[:registration_endpoint]).to eq("#{base_url}/register") }
      pending { expect(json[:token_endpoint_auth_methods_supported]).to match_array(%w[client_secret_basic]) }
      pending { expect(json[:token_endpoint_auth_signing_alg_values_supported]).to match_array(%w[RS256]) }
      pending { expect(json[:service_documentation]).to eq("#{base_url}/service_documentation.html") }
      pending { expect(json[:ui_locales_supported]).to match_array(%w[en-US]) }
      pending { expect(json[:op_policy_uri]).to eq("") }
      pending { expect(json[:op_tos_uri]).to eq("") }
      pending { expect(json[:revocation_endpoint]).to eq("") }
      pending { expect(json[:revocation_endpoint_auth_methods_supported]).to eq("") }
      pending { expect(json[:revocation_endpoint_auth_signing_alg_values_supported]).to eq("") }
      pending { expect(json[:introspection_endpoint]).to eq("") }
      pending { expect(json[:introspection_endpoint_auth_methods_supported]).to eq("") }
      pending { expect(json[:introspection_endpoint_auth_signing_alg_values_supported]).to eq("") }
      pending { expect(json[:code_challenge_methods_supported]).to eq("") }
      pending { expect(json[:signed_metadata]).to eq("") }
      pending { expect(json[:grant_types_supported]).to match_array(%w[authorization_code]) }
    end
  end

  # The three endpoint groups below are placeholders with no assertions yet.

  # https://datatracker.ietf.org/doc/html/rfc8693#section-2.3
  describe "POST /token" do
    pending
  end

  # https://datatracker.ietf.org/doc/html/rfc7662#section-2
  describe "POST /introspect" do
    pending
  end

  # https://datatracker.ietf.org/doc/html/rfc7009#section-2.1
  describe "POST /revoke" do
    pending
  end
end