diff options
| author | Kagami Sascha Rosylight <saschanaz@outlook.com> | 2023-07-27 11:51:58 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-07-27 18:51:58 +0900 |
| commit | eb7b5f905ae811ed2efb03597638a7ea5d6e8dac (patch) | |
| tree | c753001ca784e0e490648a0f475f328a7b2c2d13 /packages/backend/test/e2e/api.ts | |
| parent | chore: 著作権とライセンスについての情報を各ファイルに... (diff) | |
| download | misskey-eb7b5f905ae811ed2efb03597638a7ea5d6e8dac.tar.gz misskey-eb7b5f905ae811ed2efb03597638a7ea5d6e8dac.tar.bz2 misskey-eb7b5f905ae811ed2efb03597638a7ea5d6e8dac.zip | |
feat(backend): support OAuth 2.0 authorization (#11053)
* feat(backend): support OAuth 2.0 authorization
* secureRndstr fix
* nanndekowareta
* nanndekowareta2
* nanndekowareta3
* unref?
* refactor to not close fastify
* use microformats-parser
* Update OAuth2ProviderService.ts
* clarify the reason behind dns lookup
* refactor(backend): use @types/oauth2orize-pkce (#11350)
* refactor(backend): use @types/oauth2orize-pkce
* Update package.json
* Update pnpm-lock.yaml
---------
Co-authored-by: Kagami Sascha Rosylight <saschanaz@outlook.com>
---------
Co-authored-by: mtgto <hogerappa@gmail.com>
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
Diffstat (limited to 'packages/backend/test/e2e/api.ts')
| -rw-r--r-- | packages/backend/test/e2e/api.ts | 40 |
1 files changed, 38 insertions, 2 deletions
diff --git a/packages/backend/test/e2e/api.ts b/packages/backend/test/e2e/api.ts index def90ddc72..15da74931d 100644 --- a/packages/backend/test/e2e/api.ts +++ b/packages/backend/test/e2e/api.ts @@ -7,7 +7,7 @@ process.env.NODE_ENV = 'test'; import * as assert from 'assert'; import { IncomingMessage } from 'http'; -import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream } from '../utils.js'; +import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream, relativeFetch } from '../utils.js'; import type { INestApplicationContext } from '@nestjs/common'; import type * as misskey from 'misskey-js'; @@ -223,6 +223,42 @@ describe('API', () => { assert.ok(result.headers.get('WWW-Authenticate')?.startsWith('Bearer realm="Misskey", error="invalid_request", error_description')); }); - // TODO: insufficient_scope test (authテストが全然なくて書けない) + describe('invalid bearer format', () => { + test('No preceding bearer', async () => { + const result = await relativeFetch('api/notes/create', { + method: 'POST', + headers: { + Authorization: alice.token, + 'Content-Type': 'application/json', + }, + body: JSON.stringify({ text: 'test' }), + }); + assert.strictEqual(result.status, 401); + }); + + test('Lowercase bearer', async () => { + const result = await relativeFetch('api/notes/create', { + method: 'POST', + headers: { + Authorization: `bearer ${alice.token}`, + 'Content-Type': 'application/json', + }, + body: JSON.stringify({ text: 'test' }), + }); + assert.strictEqual(result.status, 401); + }); + + test('No space after bearer', async () => { + const result = await relativeFetch('api/notes/create', { + method: 'POST', + headers: { + Authorization: `Bearer${alice.token}`, + 'Content-Type': 'application/json', + }, + body: JSON.stringify({ text: 'test' }), + }); + assert.strictEqual(result.status, 401); + }); + }); }); }); |