kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

Fix audit timeline app names and stabilize backend tests

Browse Source
This commit is contained in:
Lectom C Han
2026-02-06 11:26:59 +09:00
parent 62b5bdba76
commit 66e1ed1e72
8 changed files with 448 additions and 301 deletions
Download Patch File Download Diff File Expand all files Collapse all files

181
backend/internal/service/hydra_admin_service_test.go
View File

@@ -5,7 +5,6 @@ import (
"context"
"encoding/json"
"net/http"
"net/http/httptest"
"testing"
"github.com/stretchr/testify/assert"
@@ -17,19 +16,19 @@ func TestHydraAdminService_ListClients(t *testing.T) {
{ClientID: "client2", ClientName: "Client 2"},
}
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/clients", r.URL.Path)
assert.Equal(t, "GET", r.Method)
assert.Equal(t, "10", r.URL.Query().Get("limit"))
assert.Equal(t, "5", r.URL.Query().Get("offset"))
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(clients)
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(clients)
})
s := &HydraAdminService{
AdminURL: server.URL,
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
result, err := s.ListClients(context.Background(), 10, 5)
@@ -40,17 +39,17 @@ func TestHydraAdminService_ListClients(t *testing.T) {
func TestHydraAdminService_GetClient(t *testing.T) {
client := domain.HydraClient{ClientID: "test-client", ClientName: "Test Client"}
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/clients/test-client", r.URL.Path)
assert.Equal(t, "GET", r.Method)
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(client)
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(client)
})
s := &HydraAdminService{
AdminURL: server.URL,
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
result, err := s.GetClient(context.Background(), "test-client")
@@ -62,21 +61,21 @@ func TestHydraAdminService_CreateClient(t *testing.T) {
client := domain.HydraClient{ClientName: "New Client"}
created := domain.HydraClient{ClientID: "new-id", ClientName: "New Client"}
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/clients", r.URL.Path)
assert.Equal(t, "POST", r.Method)
var received domain.HydraClient
json.NewDecoder(r.Body).Decode(&received)
_ = json.NewDecoder(r.Body).Decode(&received)
assert.Equal(t, client.ClientName, received.ClientName)
w.WriteHeader(http.StatusCreated)
json.NewEncoder(w).Encode(created)
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(created)
})
s := &HydraAdminService{
AdminURL: server.URL,
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
result, err := s.CreateClient(context.Background(), client)
@@ -85,15 +84,15 @@ func TestHydraAdminService_CreateClient(t *testing.T) {
}
func TestHydraAdminService_DeleteClient(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/clients/to-delete", r.URL.Path)
assert.Equal(t, "DELETE", r.Method)
w.WriteHeader(http.StatusNoContent)
}))
defer server.Close()
})
s := &HydraAdminService{
AdminURL: server.URL,
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
err := s.DeleteClient(context.Background(), "to-delete")
@@ -104,17 +103,17 @@ func TestHydraAdminService_GetConsentRequest(t *testing.T) {
challenge := "challenge123"
consentReq := domain.HydraConsentRequest{Challenge: challenge, Subject: "user1"}
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/oauth2/auth/requests/consent", r.URL.Path)
assert.Equal(t, challenge, r.URL.Query().Get("consent_challenge"))
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(consentReq)
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(consentReq)
})
s := &HydraAdminService{
AdminURL: server.URL,
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
result, err := s.GetConsentRequest(context.Background(), challenge)
@@ -123,96 +122,108 @@ func TestHydraAdminService_GetConsentRequest(t *testing.T) {
}
func TestHydraAdminService_PatchClientStatus(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/clients/test-client", r.URL.Path)
assert.Equal(t, "PATCH", r.Method)
assert.Equal(t, "application/json-patch+json", r.Header.Get("Content-Type"))
var payload []map[string]interface{}
json.NewDecoder(r.Body).Decode(&payload)
_ = json.NewDecoder(r.Body).Decode(&payload)
assert.Equal(t, "replace", payload[0]["op"])
assert.Equal(t, "/metadata/status", payload[0]["path"])
assert.Equal(t, "inactive", payload[0]["value"])
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(domain.HydraClient{ClientID: "test-client"})
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(domain.HydraClient{ClientID: "test-client"})
})
s := &HydraAdminService{AdminURL: server.URL}
s := &HydraAdminService{
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
_, err := s.PatchClientStatus(context.Background(), "test-client", "inactive")
assert.NoError(t, err)
}
func TestHydraAdminService_UpdateClient(t *testing.T) {
client := domain.HydraClient{ClientName: "Updated Name"}
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/clients/test-client", r.URL.Path)
assert.Equal(t, "PUT", r.Method)
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(client)
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(client)
})
s := &HydraAdminService{AdminURL: server.URL}
s := &HydraAdminService{
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
_, err := s.UpdateClient(context.Background(), "test-client", client)
assert.NoError(t, err)
}
func TestHydraAdminService_ListConsentSessions(t *testing.T) {
sessions := []domain.HydraConsentSession{{Subject: "user1"}}
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/oauth2/auth/sessions/consent", r.URL.Path)
assert.Equal(t, "user1", r.URL.Query().Get("subject"))
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(sessions)
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(sessions)
})
s := &HydraAdminService{AdminURL: server.URL}
s := &HydraAdminService{
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
result, err := s.ListConsentSessions(context.Background(), "user1", "")
assert.NoError(t, err)
assert.Equal(t, sessions, result)
}
func TestHydraAdminService_RevokeConsentSessions(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/oauth2/auth/sessions/consent", r.URL.Path)
assert.Equal(t, "DELETE", r.Method)
w.WriteHeader(http.StatusNoContent)
}))
defer server.Close()
})
s := &HydraAdminService{AdminURL: server.URL}
s := &HydraAdminService{
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
err := s.RevokeConsentSessions(context.Background(), "user1", "")
assert.NoError(t, err)
}
func TestHydraAdminService_RejectConsentRequest(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/oauth2/auth/requests/consent/reject", r.URL.Path)
assert.Equal(t, "PUT", r.Method)
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(map[string]string{"redirect_to": "http://reject"})
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(map[string]string{"redirect_to": "http://reject"})
})
s := &HydraAdminService{AdminURL: server.URL}
s := &HydraAdminService{
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
resp, err := s.RejectConsentRequest(context.Background(), "challenge")
assert.NoError(t, err)
assert.Equal(t, "http://reject", resp.RedirectTo)
}
func TestHydraAdminService_RejectLoginRequest(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/oauth2/auth/requests/login/reject", r.URL.Path)
assert.Equal(t, "PUT", r.Method)
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(map[string]string{"redirect_to": "http://reject-login"})
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(map[string]string{"redirect_to": "http://reject-login"})
})
s := &HydraAdminService{AdminURL: server.URL}
s := &HydraAdminService{
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
resp, err := s.RejectLoginRequest(context.Background(), "challenge", "error", "desc")
assert.NoError(t, err)
assert.Equal(t, "http://reject-login", resp.RedirectTo)
@@ -220,14 +231,16 @@ func TestHydraAdminService_RejectLoginRequest(t *testing.T) {
func TestHydraAdminService_GetLoginRequest(t *testing.T) {
loginReq := domain.HydraLoginRequest{Challenge: "challenge"}
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/oauth2/auth/requests/login", r.URL.Path)
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(loginReq)
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(loginReq)
})
s := &HydraAdminService{AdminURL: server.URL}
s := &HydraAdminService{
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
result, err := s.GetLoginRequest(context.Background(), "challenge")
assert.NoError(t, err)
assert.Equal(t, &loginReq, result)
@@ -235,15 +248,17 @@ func TestHydraAdminService_GetLoginRequest(t *testing.T) {
func TestHydraAdminService_AcceptConsentRequest(t *testing.T) {
grant := &domain.HydraConsentRequest{RequestedScope: []string{"openid"}}
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/oauth2/auth/requests/consent/accept", r.URL.Path)
assert.Equal(t, "PUT", r.Method)
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(map[string]string{"redirect_to": "http://accept"})
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(map[string]string{"redirect_to": "http://accept"})
})
s := &HydraAdminService{AdminURL: server.URL}
s := &HydraAdminService{
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
resp, err := s.AcceptConsentRequest(context.Background(), "challenge", grant, nil)
assert.NoError(t, err)
assert.Equal(t, "http://accept", resp.RedirectTo)
@@ -254,21 +269,21 @@ func TestHydraAdminService_AcceptLoginRequest(t *testing.T) {
subject := "user@example.com"
redirectTo := "http://hydra/auth/confirm"
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/oauth2/auth/requests/login/accept", r.URL.Path)
assert.Equal(t, challenge, r.URL.Query().Get("login_challenge"))
var body map[string]interface{}
json.NewDecoder(r.Body).Decode(&body)
_ = json.NewDecoder(r.Body).Decode(&body)
assert.Equal(t, subject, body["subject"])
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(map[string]string{"redirect_to": redirectTo})
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(map[string]string{"redirect_to": redirectTo})
})
s := &HydraAdminService{
AdminURL: server.URL,
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
result, err := s.AcceptLoginRequest(context.Background(), challenge, subject)
@@ -277,13 +292,15 @@ func TestHydraAdminService_AcceptLoginRequest(t *testing.T) {
}
func TestHydraAdminService_ErrorHandling(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusBadRequest)
w.Write([]byte("bad request"))
}))
defer server.Close()
_, _ = w.Write([]byte("bad request"))
})
s := &HydraAdminService{AdminURL: server.URL}
s := &HydraAdminService{
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
_, err := s.GetClient(context.Background(), "invalid")
assert.Error(t, err)
@@ -300,12 +317,14 @@ func TestHydraAdminService_ErrorHandling(t *testing.T) {
}
func TestHydraAdminService_NotFound(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusNotFound)
}))
defer server.Close()
})
s := &HydraAdminService{AdminURL: server.URL}
s := &HydraAdminService{
AdminURL: "http://hydra-admin.local",
HTTPClient: clientForHandler(handler),
}
_, err := s.GetClient(context.Background(), "none")
assert.Equal(t, ErrHydraNotFound, err)