adds API endpoints to manage OAuth2 Application (list/create/delete) (#10437)
* add API endpoint to create OAuth2 Application. * move endpoint to /user. Add swagger documentations and proper response type. * change json tags to snake_case. add CreateOAuth2ApplicationOptions to swagger docs. * change response status to Created (201) * add methods to list OAuth2 apps and delete an existing OAuth2 app by ID. * add APIFormat convert method and file header * fixed header * hide secret on oauth2 application list * add Created time to API response * add API integration tests for create/list/delete OAuth2 applications. Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>tokarchuk/v1.17
parent
7e8cdba181
commit
af61b2249a
@ -0,0 +1,96 @@ |
||||
// Copyright 2020 The Gitea Authors. All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.package models
|
||||
|
||||
package integrations |
||||
|
||||
import ( |
||||
"fmt" |
||||
"net/http" |
||||
"testing" |
||||
|
||||
"code.gitea.io/gitea/models" |
||||
api "code.gitea.io/gitea/modules/structs" |
||||
|
||||
"github.com/stretchr/testify/assert" |
||||
) |
||||
|
||||
func TestOAuth2Application(t *testing.T) { |
||||
defer prepareTestEnv(t)() |
||||
testAPICreateOAuth2Application(t) |
||||
testAPIListOAuth2Applications(t) |
||||
testAPIDeleteOAuth2Application(t) |
||||
} |
||||
|
||||
func testAPICreateOAuth2Application(t *testing.T) { |
||||
user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User) |
||||
appBody := api.CreateOAuth2ApplicationOptions{ |
||||
Name: "test-app-1", |
||||
RedirectURIs: []string{ |
||||
"http://www.google.com", |
||||
}, |
||||
} |
||||
|
||||
req := NewRequestWithJSON(t, "POST", "/api/v1/user/applications/oauth2", &appBody) |
||||
req = AddBasicAuthHeader(req, user.Name) |
||||
resp := MakeRequest(t, req, http.StatusCreated) |
||||
|
||||
var createdApp *api.OAuth2Application |
||||
DecodeJSON(t, resp, &createdApp) |
||||
|
||||
assert.EqualValues(t, appBody.Name, createdApp.Name) |
||||
assert.Len(t, createdApp.ClientSecret, 44) |
||||
assert.Len(t, createdApp.ClientID, 36) |
||||
assert.NotEmpty(t, createdApp.Created) |
||||
assert.EqualValues(t, appBody.RedirectURIs[0], createdApp.RedirectURIs[0]) |
||||
models.AssertExistsAndLoadBean(t, &models.OAuth2Application{UID: user.ID, Name: createdApp.Name}) |
||||
} |
||||
|
||||
func testAPIListOAuth2Applications(t *testing.T) { |
||||
user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User) |
||||
session := loginUser(t, user.Name) |
||||
token := getTokenForLoggedInUser(t, session) |
||||
|
||||
existApp := models.AssertExistsAndLoadBean(t, &models.OAuth2Application{ |
||||
UID: user.ID, |
||||
Name: "test-app-1", |
||||
RedirectURIs: []string{ |
||||
"http://www.google.com", |
||||
}, |
||||
}).(*models.OAuth2Application) |
||||
|
||||
urlStr := fmt.Sprintf("/api/v1/user/applications/oauth2?token=%s", token) |
||||
req := NewRequest(t, "GET", urlStr) |
||||
resp := session.MakeRequest(t, req, http.StatusOK) |
||||
|
||||
var appList api.OAuth2ApplicationList |
||||
DecodeJSON(t, resp, &appList) |
||||
expectedApp := appList[0] |
||||
|
||||
assert.EqualValues(t, existApp.Name, expectedApp.Name) |
||||
assert.EqualValues(t, existApp.ClientID, expectedApp.ClientID) |
||||
assert.Len(t, expectedApp.ClientID, 36) |
||||
assert.Empty(t, expectedApp.ClientSecret) |
||||
assert.EqualValues(t, existApp.RedirectURIs[0], expectedApp.RedirectURIs[0]) |
||||
models.AssertExistsAndLoadBean(t, &models.OAuth2Application{ID: expectedApp.ID, Name: expectedApp.Name}) |
||||
} |
||||
|
||||
func testAPIDeleteOAuth2Application(t *testing.T) { |
||||
user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User) |
||||
session := loginUser(t, user.Name) |
||||
token := getTokenForLoggedInUser(t, session) |
||||
|
||||
oldApp := models.AssertExistsAndLoadBean(t, &models.OAuth2Application{ |
||||
UID: user.ID, |
||||
Name: "test-app-1", |
||||
RedirectURIs: []string{ |
||||
"http://www.google.com", |
||||
}, |
||||
}).(*models.OAuth2Application) |
||||
|
||||
urlStr := fmt.Sprintf("/api/v1/user/applications/oauth2/%d?token=%s", oldApp.ID, token) |
||||
req := NewRequest(t, "DELETE", urlStr) |
||||
session.MakeRequest(t, req, http.StatusNoContent) |
||||
|
||||
models.AssertNotExistsBean(t, &models.OAuth2Application{UID: oldApp.UID, Name: oldApp.Name}) |
||||
} |
@ -0,0 +1,16 @@ |
||||
// Copyright 2020 The Gitea Authors. All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package swagger |
||||
|
||||
import ( |
||||
api "code.gitea.io/gitea/modules/structs" |
||||
) |
||||
|
||||
// OAuth2Application
|
||||
// swagger:response OAuth2Application
|
||||
type swaggerResponseOAuth2Application struct { |
||||
// in:body
|
||||
Body api.OAuth2Application `json:"body"` |
||||
} |
Loading…
Reference in new issue