integration: tests for client credentials flow

ory · Mar 21, 2016 · c13298c · c13298c
1 parent 12c70bb
commit c13298c
Showing 1 changed file with 42 additions and 2 deletions.
diff --git a/integration/client_credentials_flow_test.go b/integration/client_credentials_flow_test.go
@@ -7,6 +7,8 @@ import (
 	"github.com/ory-am/fosite/handler/core/client"
 	"github.com/stretchr/testify/assert"
 	"golang.org/x/oauth2"
+"golang.org/x/oauth2/clientcredentials"
+"github.com/stretchr/testify/require"
 )
 
 func TestClientCredentialsFlow(t *testing.T) {
@@ -34,20 +36,58 @@ func runClientCredentialsFlowTest(t *testing.T, strategy core.AccessTokenStrateg
 			err:         true,
 		},
 		{
-			description: "should pass",
+			description: "should fail because unknown client",
 			setup: func() {
 				f.TokenEndpointHandlers.Append(&client.ClientCredentialsGrantHandler{
 					AccessTokenStrategy: strategy,
 					Store:               fositeStore,
 					AccessTokenLifespan: accessTokenLifespan,
 				})
+
+				oauthClient = &clientcredentials.Config{
+					ClientID:     "my-client-wrong",
+					ClientSecret: "foobar",
+					Scopes:       []string{"fosite"},
+					TokenURL:     ts.URL + "/token",
+				}
+			},
+			err:         true,
+		},
+		{
+			description: "should fail because unknown client",
+			setup: func() {
+				oauthClient = &clientcredentials.Config{
+					ClientID:     "my-client",
+					ClientSecret: "foobar-wrong",
+					Scopes:       []string{"fosite"},
+					TokenURL:     ts.URL + "/token",
+				}
+			},
+			err:         true,
+		},
+		{
+			description: "should fail because unknown client",
+			setup: func() {
+				oauthClient = &clientcredentials.Config{
+					ClientID:     "my-client",
+					ClientSecret: "foobar",
+					Scopes:       []string{""},
+					TokenURL:     ts.URL + "/token",
+				}
+			},
+			err:         true,
+		},
+		{
+			description: "should pass",
+			setup: func() {
+				oauthClient = newOAuth2AppClient(ts)
 			},
 		},
 	} {
 		c.setup()
 
 		token, err := oauthClient.Token(oauth2.NoContext)
-		assert.Equal(t, c.err, err != nil, "(%d) %s\n%s\n%s", k, c.description, c.err, err)
+		require.Equal(t, c.err, err != nil, "(%d) %s\n%s\n%s", k, c.description, c.err, err)
 		if !c.err {
 			assert.NotEmpty(t, token.AccessToken, "(%d) %s\n%s", k, c.description, token)
 		}