1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
use strict;
use warnings;
use lib 't/lib';
use Test::More tests => 10;
use Plack::Request;
use Try::Tiny;
use TestDataHandler;
use OAuth::Lite2::Server::GrantHandler::RefreshToken;
use OAuth::Lite2::Util qw(build_content);
TestDataHandler->clear;
TestDataHandler->add_client(id => q{foo}, secret => q{bar});
my $dh = TestDataHandler->new;
my $auth_info = $dh->create_or_update_auth_info(
client_id => q{foo},
user_id => q{1},
scope => q{email},
);
is($auth_info->refresh_token, "refresh_token_0");
my $action = OAuth::Lite2::Server::GrantHandler::RefreshToken->new;
sub test_success {
my $params = shift;
my $expected = shift;
my $request = Plack::Request->new({
REQUEST_URI => q{http://example.org/resource},
REQUEST_METHOD => q{GET},
QUERY_STRING => build_content($params),
});
my $dh = TestDataHandler->new(request => $request);
my $res; try {
$res = $action->handle_request($dh);
} catch {
my $error_message = ($_->isa("OAuth::Lite2::Error"))
? $_->type : $_;
};
if(exists $expected->{token}) {
is($res->{token_type}, $expected->{token_type});
is($res->{access_token}, $expected->{token});
} else {
ok(!$res->{access_token});
}
if(exists $expected->{secret}) {
is($res->{access_token_secret}, $expected->{secret});
} else {
ok(!$res->{access_token_secret});
}
if(exists $expected->{expires_in}) {
is($res->{expires_in}, $expected->{expires_in});
} else {
ok(!$res->{expires_in});
}
if(exists $expected->{refresh_token}) {
is($res->{refresh_token}, $expected->{refresh_token});
} else {
ok(!$res->{refresh_token});
}
if(exists $expected->{secret_type}) {
is($res->{secret_type}, $expected->{secret_type});
} else {
ok(!$res->{secret_type});
}
}
sub test_error {
my $params = shift;
my $message = shift;
my $request = Plack::Request->new({
REQUEST_URI => q{http://example.org/resource},
REQUEST_METHOD => q{GET},
QUERY_STRING => build_content($params),
});
my $dh = TestDataHandler->new(request => $request);
my $error_message; try {
my $res = $action->handle_request($dh);
} catch {
$error_message = ($_->isa("OAuth::Lite2::Error"))
? $_->type : $_;
};
like($error_message, qr/$message/);
}
# no refresh_token
&test_error({
client_id => q{foo},
client_secret => q{bar},
}, q{invalid_request});
# invalid client_id
&test_error({
client_id => q{unknown},
client_secret => q{bar},
refresh_token => $auth_info->refresh_token,
}, q{invalid_client});
# invalid refresh token
&test_error({
client_id => q{foo},
client_secret => q{bar},
refresh_token => q{invalid},
}, q{invalid_grant});
# without secret type
&test_success({
client_id => q{foo},
client_secret => q{bar},
refresh_token => $auth_info->refresh_token,
}, {
token_type => q{Bearer},
token => q{access_token_0},
expires_in => q{3600},
refresh_token => q{refresh_token_0},
});
|
