Add test for a openidish mechanism for proving to third parties that … (

#234) * Add test for a openidish mechanism for proving to third parties that you own a given user_id * Add tests for missing and invalid tokens * Rename openid/token to openid/request_token
matrix-org · May 5, 2016 · 995c37d · 995c37d
1 parent 691813e
commit 995c37d
Showing 1 changed file with 57 additions and 0 deletions.
diff --git a/tests/45openid.pl b/tests/45openid.pl
@@ -0,0 +1,57 @@
+test "Can generate a openid access_token that can be exchanged for information about a user",
+   requires => [ local_user_fixture(), $main::HTTP_CLIENT, $main::HOMESERVER_INFO[0] ],
+
+   check => sub {
+      my ( $user, $http, $info ) = @_;
+
+      do_request_json_for( $user,
+         method  => "POST",
+         uri     => "/r0/user/:user_id/openid/request_token",
+         content => {},
+      )->then( sub {
+         my ( $body ) = @_;
+
+         assert_json_keys( $body, qw( access_token matrix_server_name expires_in ) );
+         assert_eq( $body->{matrix_server_name}, $info->server_name );
+
+         my $token = $body->{access_token};
+
+         $http->do_request_json(
+            method   => "GET",
+            uri => $info->client_location . "/_matrix/federation/v1/openid/userinfo",
+            params   => { access_token => $token },
+         );
+      })->then( sub {
+         my ( $body ) = @_;
+
+         assert_json_keys( $body, qw( sub ) );
+         assert_eq( $body->{sub}, $user->user_id );
+
+         Future->done(1);
+      });
+   };
+
+test "Invalid openid access tokens are rejected",
+   requires => [ $main::HTTP_CLIENT, $main::HOMESERVER_INFO[0] ],
+
+   check => sub {
+      my ( $http, $info ) = @_;
+
+      $http->do_request_json(
+         method   => "GET",
+         uri => $info->client_location . "/_matrix/federation/v1/openid/userinfo",
+         params   => { access_token => "an/invalid/token" },
+      )->main::expect_http_401;
+   };
+
+test "Requests to userinfo without access tokens are rejected",
+   requires => [ $main::HTTP_CLIENT, $main::HOMESERVER_INFO[0] ],
+
+   check => sub {
+      my ( $http, $info ) = @_;
+
+      $http->do_request_json(
+         method   => "GET",
+         uri => $info->client_location . "/_matrix/federation/v1/openid/userinfo",
+      )->main::expect_http_401;
+   };