djpbessems
/
ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

token_handler_test.go: modify a test about refresh request scopes param 

Signed-off-by: Margo Crawford <margaretc@vmware.com>
This commit is contained in:
Ryan Richard 2020-12-09 15:03:52 -08:00 committed by Margo Crawford
parent 5f6e7de785
commit 0abadddb1a
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
internal/oidc/token/token_handler_test.go
View File

@ -922,25 +922,25 @@ func TestRefreshGrant(t *testing.T) {
}},
},
{
name: "when the refresh request removes a scope which was originally granted from the list of requested scopes then it is ignored",
name: "when the refresh request removes a scope which was originally granted from the list of requested scopes then it is granted anyway",
authcodeExchange: authcodeExchangeInputs{
modifyAuthRequest: func(r *http.Request) { r.Form.Set("scope", "openid offline_access") },
modifyAuthRequest: func(r *http.Request) { r.Form.Set("scope", "openid offline_access pinniped.sts.unrestricted") },
want: tokenEndpointResponseExpectedValues{
wantStatus: http.StatusOK,
wantSuccessBodyFields: []string{"id_token", "refresh_token", "access_token", "token_type", "expires_in", "scope"},
wantRequestedScopes: []string{"openid", "offline_access"},
wantGrantedScopes: []string{"openid", "offline_access"},
wantRequestedScopes: []string{"openid", "offline_access", "pinniped.sts.unrestricted"},
wantGrantedScopes: []string{"openid", "offline_access", "pinniped.sts.unrestricted"},
},
},
refreshRequest: refreshRequestInputs{
modifyTokenRequest: func(r *http.Request, refreshToken string, accessToken string) {
r.Body = happyRefreshRequestBody(refreshToken).WithScope("").ReadCloser() // TODO FIX ME. WE NEED ANOTHER VALID SCOPE ON THIS CLIENT TO WRITE THIS TEST.
r.Body = happyRefreshRequestBody(refreshToken).WithScope("openid").ReadCloser() // do not ask for "pinniped.sts.unrestricted" again
},
want: tokenEndpointResponseExpectedValues{
wantStatus: http.StatusOK,
wantSuccessBodyFields: []string{"id_token", "refresh_token", "access_token", "token_type", "expires_in", "scope"},
wantRequestedScopes: []string{"openid", "offline_access"},
wantGrantedScopes: []string{"openid", "offline_access"},
wantRequestedScopes: []string{"openid", "offline_access", "pinniped.sts.unrestricted"},
wantGrantedScopes: []string{"openid", "offline_access", "pinniped.sts.unrestricted"},
}},
},
{