spec/policy/token_introspection: add tests for tokens caching

3scale · Mar 15, 2018 · 932efe7 · 932efe7
1 parent 2376669
commit 932efe7
Showing 1 changed file with 57 additions and 0 deletions.
diff --git a/spec/policy/token_introspection/token_introspection_spec.lua b/spec/policy/token_introspection/token_introspection_spec.lua
@@ -1,4 +1,5 @@
 local TokenIntrospection = require('apicast.policy.token_introspection')
+local TokensCache = require('apicast.policy.token_introspection.tokens_cache')
 
 local test_backend_client = require('resty.http_ng.backend.test')
 local cjson = require('cjson')
@@ -178,6 +179,62 @@ describe("token introspection policy", function()
       assert_authentication_failed()
     end)
 
+    describe('when caching is enabled', function()
+      local introspection_url = "http://example/token/introspection"
+      local policy_config = {
+        introspection_url = introspection_url,
+        client_id = test_client_id,
+        client_secret = test_client_secret,
+        max_ttl_tokens = 120
+      }
+
+      local test_token_info = { active = true }
+      local test_tokens_cache
+
+      local token_policy = TokenIntrospection.new(policy_config)
+
+      describe('and the token is cached', function()
+        setup(function()
+          test_tokens_cache = TokensCache.new(60)
+          test_tokens_cache:set(test_access_token, test_token_info)
+        end)
+
+        it('does not call the introspection endpoint', function()
+          token_policy.tokens_cache = test_tokens_cache
+          token_policy.http_client.backend = { post = function () end }
+          local http_client_spy = spy.on(token_policy.http_client.backend, 'post')
+
+          token_policy:access(context)
+
+          assert.spy(http_client_spy).was_not_called()
+        end)
+      end)
+
+      describe('and the token is not cached', function()
+        setup(function()
+          test_tokens_cache = TokensCache.new(60)
+        end)
+
+        it('calls the introspection endpoint and caches the result', function()
+          test_backend
+          .expect{
+            url = introspection_url,
+            method = 'POST',
+            body = 'token='..test_access_token..'&token_type_hint=access_token',
+            headers = { ['Authorization'] = test_basic_auth }
+          }
+          .respond_with{ status = 200, body = cjson.encode(test_token_info) }
+
+          token_policy.tokens_cache = test_tokens_cache
+          token_policy.http_client.backend = test_backend
+
+          token_policy:access(context)
+
+          assert.same(test_token_info, test_tokens_cache:get(test_access_token))
+        end)
+      end)
+    end)
+
     after_each(function()
       test_backend.verify_no_outstanding_expectations()
     end)