logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma

basic_auth_test.exs (1469B)

    

  1. # Pleroma: A lightweight social networking server

  2. # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>

  3. # SPDX-License-Identifier: AGPL-3.0-only

  4. 

  5. defmodule Pleroma.Web.Auth.BasicAuthTest do

  6.   use Pleroma.Web.ConnCase

  7. 

  8.   import Pleroma.Factory

  9. 

  10.   test "with HTTP Basic Auth used, grants access to OAuth scope-restricted endpoints", %{

  11.     conn: conn

  12.   } do

  13.     user = insert(:user)

  14.     assert Pbkdf2.verify_pass("test", user.password_hash)

  15. 

  16.     basic_auth_contents =

  17.       (URI.encode_www_form(user.nickname) <> ":" <> URI.encode_www_form("test"))

  18.       |> Base.encode64()

  19. 

  20.     # Succeeds with HTTP Basic Auth

  21.     response =

  22.       conn

  23.       |> put_req_header("authorization", "Basic " <> basic_auth_contents)

  24.       |> get("/api/v1/accounts/verify_credentials")

  25.       |> json_response(200)

  26. 

  27.     user_nickname = user.nickname

  28.     assert %{"username" => ^user_nickname} = response

  29. 

  30.     # Succeeds with a properly scoped OAuth token

  31.     valid_token = insert(:oauth_token, scopes: ["read:accounts"])

  32. 

  33.     conn

  34.     |> put_req_header("authorization", "Bearer #{valid_token.token}")

  35.     |> get("/api/v1/accounts/verify_credentials")

  36.     |> json_response(200)

  37. 

  38.     # Fails with a wrong-scoped OAuth token (proof of restriction)

  39.     invalid_token = insert(:oauth_token, scopes: ["read:something"])

  40. 

  41.     conn

  42.     |> put_req_header("authorization", "Bearer #{invalid_token.token}")

  43.     |> get("/api/v1/accounts/verify_credentials")

  44.     |> json_response(403)

  45.   end

  46. end