oauth2: Add and enhance access/refresh token tests

This patch introduces more tests for code and refresh flows and the JWT
strategy.

Signed-off-by: arekkas <aeneas@ory.am>

client/manager_0_sql_migrations_test.go

@@ -23,6 +23,7 @@ package client_test
 import (
 	"fmt"
 	"log"
+	"sync"
 	"testing"
 
 	"github.com/jmoiron/sqlx"
@@ -116,6 +117,7 @@ var migrations = map[string]*migrate.MemoryMigrationSource{
 }
 
 func TestMigrations(t *testing.T) {
+	var m sync.Mutex
 	var dbs = map[string]*sqlx.DB{}
 	if testing.Short() {
 		return
@@ -127,14 +129,18 @@ func TestMigrations(t *testing.T) {
 			if err != nil {
 				log.Fatalf("Could not connect to database: %v", err)
 			}
+			m.Lock()
 			dbs["postgres"] = db
+			m.Unlock()
 		},
 		func() {
 			db, err := dockertest.ConnectToTestMySQL()
 			if err != nil {
 				log.Fatalf("Could not connect to database: %v", err)
 			}
+			m.Lock()
 			dbs["mysql"] = db
+			m.Unlock()
 		},
 	})
 

client/manager_test.go

@@ -24,6 +24,7 @@ import (
 	"flag"
 	"fmt"
 	"log"
+	"sync"
 	"testing"
 
 	_ "github.com/go-sql-driver/mysql"
@@ -35,6 +36,7 @@ import (
 )
 
 var clientManagers = map[string]Manager{}
+var m sync.Mutex
 
 func init() {
 	clientManagers["memory"] = NewMemoryManager(&fosite.BCrypt{})
@@ -61,7 +63,9 @@ func connectToMySQL() {
 	}
 
 	s := &SQLManager{DB: db, Hasher: &fosite.BCrypt{WorkFactor: 4}}
+	m.Lock()
 	clientManagers["mysql"] = s
+	m.Unlock()
 }
 
 func connectToPG() {
@@ -71,7 +75,9 @@ func connectToPG() {
 	}
 
 	s := &SQLManager{DB: db, Hasher: &fosite.BCrypt{WorkFactor: 4}}
+	m.Lock()
 	clientManagers["postgres"] = s
+	m.Unlock()
 }
 
 func TestCreateGetDeleteClient(t *testing.T) {

consent/manager_test.go

@@ -24,6 +24,7 @@ import (
 	"flag"
 	"fmt"
 	"log"
+	"sync"
 	"testing"
 	"time"
 
@@ -39,6 +40,7 @@ import (
 	"github.com/stretchr/testify/require"
 )
 
+var m sync.Mutex
 var clientManager = client.NewMemoryManager(&fosite.BCrypt{WorkFactor: 8})
 var fositeManager = oauth2.NewFositeMemoryStore(clientManager, time.Hour)
 var managers = map[string]Manager{
@@ -152,7 +154,9 @@ func connectToPostgres(managers map[string]Manager, c client.Manager) {
 		return
 	}
 
+	m.Lock()
 	managers["postgres"] = s
+	m.Unlock()
 }
 
 func connectToMySQL(managers map[string]Manager, c client.Manager) {
@@ -168,7 +172,9 @@ func connectToMySQL(managers map[string]Manager, c client.Manager) {
 		return
 	}
 
+	m.Lock()
 	managers["mysql"] = s
+	m.Unlock()
 }
 
 func TestMain(m *testing.M) {

jwk/manager_0_sql_migrations_test.go

@@ -23,6 +23,7 @@ package jwk_test
 import (
 	"fmt"
 	"log"
+	"sync"
 	"testing"
 
 	"github.com/jmoiron/sqlx"
@@ -76,6 +77,7 @@ var migrations = &migrate.MemoryMigrationSource{
 }
 
 func TestMigrations(t *testing.T) {
+	var m sync.Mutex
 	var dbs = map[string]*sqlx.DB{}
 	if testing.Short() {
 		return
@@ -87,14 +89,18 @@ func TestMigrations(t *testing.T) {
 			if err != nil {
 				log.Fatalf("Could not connect to database: %v", err)
 			}
+			m.Lock()
 			dbs["postgres"] = db
+			m.Unlock()
 		},
 		func() {
 			db, err := dockertest.ConnectToTestMySQL()
 			if err != nil {
 				log.Fatalf("Could not connect to database: %v", err)
 			}
+			m.Lock()
 			dbs["mysql"] = db
+			m.Unlock()
 		},
 	})
 

jwk/manager_test.go

@@ -24,6 +24,7 @@ import (
 	"flag"
 	"fmt"
 	"log"
+	"sync"
 	"testing"
 
 	_ "github.com/go-sql-driver/mysql"
@@ -37,6 +38,7 @@ var managers = map[string]Manager{
 	"memory": new(MemoryManager),
 }
 
+var m sync.Mutex
 var testGenerator = &RS256Generator{}
 
 var encryptionKey, _ = RandomBytes(32)
@@ -62,7 +64,10 @@ func connectToPG() {
 	}
 
 	s := &SQLManager{DB: db, Cipher: &AEAD{Key: encryptionKey}}
+
+	m.Lock()
 	managers["postgres"] = s
+	m.Unlock()
 }
 
 func connectToMySQL() {
@@ -72,7 +77,10 @@ func connectToMySQL() {
 	}
 
 	s := &SQLManager{DB: db, Cipher: &AEAD{Key: encryptionKey}}
+
+	m.Lock()
 	managers["mysql"] = s
+	m.Unlock()
 }
 
 func TestManagerKey(t *testing.T) {

oauth2/fosite_store_test.go

@@ -24,6 +24,7 @@ import (
 	"flag"
 	"fmt"
 	"log"
+	"sync"
 	"testing"
 	"time"
 
@@ -44,6 +45,7 @@ var clientManager = &client.MemoryManager{
 	Hasher:  &fosite.BCrypt{},
 }
 var databases = make(map[string]*sqlx.DB)
+var m sync.Mutex
 
 func init() {
 	fositeStores["memory"] = NewFositeMemoryStore(nil, time.Hour)
@@ -74,8 +76,10 @@ func connectToPG() {
 		log.Fatalf("Could not create postgres schema: %v", err)
 	}
 
+	m.Lock()
 	databases["postgres"] = db
 	fositeStores["postgres"] = s
+	m.Unlock()
 }
 
 func connectToMySQL() {
@@ -89,8 +93,10 @@ func connectToMySQL() {
 		log.Fatalf("Could not create postgres schema: %v", err)
 	}
 
+	m.Lock()
 	databases["mysql"] = db
 	fositeStores["mysql"] = s
+	m.Unlock()
 }
 
 func TestCreateGetDeleteAuthorizeCodes(t *testing.T) {

oauth2/handler.go

@@ -36,7 +36,6 @@ import (
 	"github.com/ory/hydra/client"
 	"github.com/ory/hydra/consent"
 	"github.com/ory/hydra/pkg"
-	"github.com/pborman/uuid"
 	"github.com/pkg/errors"
 )
 
@@ -487,7 +486,6 @@ func (h *Handler) TokenHandler(w http.ResponseWriter, r *http.Request, _ httprou
 
 		session.Subject = accessRequest.GetClient().GetID()
 		session.ClientID = accessRequest.GetClient().GetID()
-		session.JTI = uuid.New()
 		session.KID = accessTokenKeyID
 		session.DefaultSession.Claims.Issuer = strings.TrimRight(h.IssuerURL, "/") + "/"
 		session.DefaultSession.Claims.IssuedAt = time.Now().UTC()
@@ -591,7 +589,6 @@ func (h *Handler) AuthHandler(w http.ResponseWriter, r *http.Request, _ httprout
 		Extra: session.Session.AccessToken,
 		// Here, we do not include the client because it's typically not the audience.
 		Audience: []string{},
-		JTI:      uuid.New(),
 		KID:      accessTokenKeyID,
 		ClientID: authorizeRequest.GetClient().GetID(),
 	})