Blame - config/oauth_test.go - KorAP/KorAP-MCP

blob: e6589103e2ca37138a828b1a67c9e6024c42ca39 [file] [log] [blame]

Akron	90f6521	2025-06-12 14:32:55 +0200	[diff] [blame]	1	package config
				2
				3	import (
				4	"testing"
				5
				6	"github.com/stretchr/testify/assert"
				7	)
				8
				9	func TestDefaultOAuthConfig(t *testing.T) {
				10	config := DefaultOAuthConfig()
				11
				12	assert.NotNil(t, config)
				13
				14	// Test default values
				15	assert.Equal(t, "https://korap.ids-mannheim.de/api/v1.0/oauth2/authorize", config.AuthURL)
				16	assert.Equal(t, "https://korap.ids-mannheim.de/api/v1.0/oauth2/token", config.TokenURL)
				17	assert.Equal(t, "urn:ietf:wg:oauth:2.0:oob", config.RedirectURL)
				18	assert.Equal(t, []string{"read"}, config.Scopes)
				19	assert.False(t, config.Enabled)
				20
				21	// Test that required fields are empty by default
				22	assert.Empty(t, config.ClientID)
				23	assert.Empty(t, config.ClientSecret)
				24
				25	// Test ToOAuth2Config with disabled config
				26	oauth2Config := config.ToOAuth2Config()
				27	assert.Nil(t, oauth2Config, "ToOAuth2Config should return nil when disabled")
				28
				29	// Test validation of default (disabled) config
				30	err := config.Validate()
				31	assert.NoError(t, err, "Default config should be valid (disabled)")
				32	}
				33
				34	func TestOAuthConfigValidate(t *testing.T) {
				35	tests := []struct {
				36	name string
				37	config *OAuthConfig
				38	wantError bool
				39	errorMsg string
				40	}{
				41	{
				42	name: "valid enabled config",
				43	config: &OAuthConfig{
				44	ClientID: "test-client",
				45	ClientSecret: "test-secret",
				46	AuthURL: "https://example.com/auth",
				47	TokenURL: "https://example.com/token",
				48	RedirectURL: "https://example.com/callback",
				49	Scopes: []string{"read"},
				50	Enabled: true,
				51	},
				52	wantError: false,
				53	},
				54	{
				55	name: "valid disabled config",
				56	config: &OAuthConfig{
				57	Enabled: false,
				58	},
				59	wantError: false,
				60	},
				61	{
				62	name: "missing client ID",
				63	config: &OAuthConfig{
				64	ClientSecret: "test-secret",
				65	AuthURL: "https://example.com/auth",
				66	TokenURL: "https://example.com/token",
				67	Enabled: true,
				68	},
				69	wantError: true,
				70	errorMsg: "client_id is required",
				71	},
				72	{
				73	name: "missing client secret",
				74	config: &OAuthConfig{
				75	ClientID: "test-client",
				76	AuthURL: "https://example.com/auth",
				77	TokenURL: "https://example.com/token",
				78	Enabled: true,
				79	},
				80	wantError: true,
				81	errorMsg: "client_secret is required",
				82	},
				83	{
				84	name: "missing token URL",
				85	config: &OAuthConfig{
				86	ClientID: "test-client",
				87	ClientSecret: "test-secret",
				88	AuthURL: "https://example.com/auth",
				89	Enabled: true,
				90	},
				91	wantError: true,
				92	errorMsg: "token_url is required",
				93	},
				94	}
				95
				96	for _, tt := range tests {
				97	t.Run(tt.name, func(t *testing.T) {
				98	err := tt.config.Validate()
				99
				100	if tt.wantError {
				101	assert.Error(t, err)
				102	assert.Contains(t, err.Error(), tt.errorMsg)
				103	} else {
				104	assert.NoError(t, err)
				105	}
				106	})
				107	}
				108	}
				109
				110	func TestOAuthConfigToOAuth2Config(t *testing.T) {
				111	tests := []struct {
				112	name string
				113	config *OAuthConfig
				114	wantNil bool
				115	testFunc func(testing.T, OAuthConfig)
				116	}{
				117	{
				118	name: "disabled config returns nil",
				119	config: &OAuthConfig{
				120	ClientID: "test-client",
				121	ClientSecret: "test-secret",
				122	Enabled: false,
				123	},
				124	wantNil: true,
				125	},
				126	{
				127	name: "enabled config returns valid oauth2.Config",
				128	config: &OAuthConfig{
				129	ClientID: "test-client",
				130	ClientSecret: "test-secret",
				131	AuthURL: "https://example.com/auth",
				132	TokenURL: "https://example.com/token",
				133	RedirectURL: "https://example.com/callback",
				134	Scopes: []string{"read", "write"},
				135	Enabled: true,
				136	},
				137	wantNil: false,
				138	testFunc: func(t testing.T, config OAuthConfig) {
				139	oauth2Config := config.ToOAuth2Config()
				140	assert.NotNil(t, oauth2Config)
				141	assert.Equal(t, config.ClientID, oauth2Config.ClientID)
				142	assert.Equal(t, config.ClientSecret, oauth2Config.ClientSecret)
				143	assert.Equal(t, config.AuthURL, oauth2Config.Endpoint.AuthURL)
				144	assert.Equal(t, config.TokenURL, oauth2Config.Endpoint.TokenURL)
				145	assert.Equal(t, config.RedirectURL, oauth2Config.RedirectURL)
				146	assert.Equal(t, config.Scopes, oauth2Config.Scopes)
				147	},
				148	},
				149	}
				150
				151	for _, tt := range tests {
				152	t.Run(tt.name, func(t *testing.T) {
				153	oauth2Config := tt.config.ToOAuth2Config()
				154
				155	if tt.wantNil {
				156	assert.Nil(t, oauth2Config)
				157	} else {
				158	assert.NotNil(t, oauth2Config)
				159	if tt.testFunc != nil {
				160	tt.testFunc(t, tt.config)
				161	}
				162	}
				163	})
				164	}
				165	}
				166
				167	func TestOAuthConfigEdgeCases(t *testing.T) {
				168	t.Run("empty scopes", func(t *testing.T) {
				169	config := &OAuthConfig{
				170	ClientID: "test-client",
				171	ClientSecret: "test-secret",
				172	AuthURL: "https://example.com/auth",
				173	TokenURL: "https://example.com/token",
				174	Scopes: []string{},
				175	Enabled: true,
				176	}
				177
				178	err := config.Validate()
				179	assert.NoError(t, err, "Empty scopes should be valid")
				180
				181	oauth2Config := config.ToOAuth2Config()
				182	assert.NotNil(t, oauth2Config)
				183	assert.Empty(t, oauth2Config.Scopes)
				184	})
				185
				186	t.Run("nil scopes", func(t *testing.T) {
				187	config := &OAuthConfig{
				188	ClientID: "test-client",
				189	ClientSecret: "test-secret",
				190	AuthURL: "https://example.com/auth",
				191	TokenURL: "https://example.com/token",
				192	Scopes: nil,
				193	Enabled: true,
				194	}
				195
				196	err := config.Validate()
				197	assert.NoError(t, err, "Nil scopes should be valid")
				198
				199	oauth2Config := config.ToOAuth2Config()
				200	assert.NotNil(t, oauth2Config)
				201	assert.Nil(t, oauth2Config.Scopes)
				202	})
				203	}
				204
				205	func TestOAuthConfigScopesHandling(t *testing.T) {
				206	config := &OAuthConfig{
				207	ClientID: "test-client",
				208	ClientSecret: "test-secret",
				209	AuthURL: "https://example.com/auth",
				210	TokenURL: "https://example.com/token",
				211	RedirectURL: "https://example.com/callback",
				212	Scopes: []string{"read", "write", "admin"},
				213	Enabled: true,
				214	}
				215
				216	oauth2Config := config.ToOAuth2Config()
				217	assert.NotNil(t, oauth2Config)
				218	assert.Len(t, oauth2Config.Scopes, 3)
				219	assert.Contains(t, oauth2Config.Scopes, "read")
				220	assert.Contains(t, oauth2Config.Scopes, "write")
				221	assert.Contains(t, oauth2Config.Scopes, "admin")
				222	}
				223
				224	// Benchmark tests
				225	func BenchmarkDefaultOAuthConfig(b *testing.B) {
				226	for i := 0; i < b.N; i++ {
				227	_ = DefaultOAuthConfig()
				228	}
				229	}
				230
				231	func BenchmarkOAuthConfigValidate(b *testing.B) {
				232	cfg := DefaultOAuthConfig()
				233	cfg.Enabled = true
				234	cfg.ClientID = "test-client"
				235	cfg.ClientSecret = "test-secret"
				236	cfg.TokenURL = "https://example.com/token"
				237
				238	b.ResetTimer()
				239	for i := 0; i < b.N; i++ {
				240	_ = cfg.Validate()
				241	}
				242	}
				243
				244	func BenchmarkOAuthConfigToOAuth2Config(b *testing.B) {
				245	cfg := &OAuthConfig{
				246	Enabled: true,
				247	ClientID: "test-client",
				248	ClientSecret: "test-secret",
				249	AuthURL: "https://example.com/auth",
				250	TokenURL: "https://example.com/token",
				251	RedirectURL: "https://example.com/callback",
				252	Scopes: []string{"read", "write"},
				253	}
				254
				255	b.ResetTimer()
				256	for i := 0; i < b.N; i++ {
				257	_ = cfg.ToOAuth2Config()
				258	}
				259	}