package auth import ( "testing" ) func TestGetClientMetadata(t *testing.T) { metadata := GetClientMetadata() // Verify required fields are populated if metadata.ClientID == "" { t.Error("ClientID should not be empty") } if metadata.ClientName == "" { t.Error("ClientName should not be empty") } if metadata.ClientURI == "" { t.Error("ClientURI should not be empty") } if len(metadata.RedirectURIs) == 0 { t.Error("RedirectURIs should not be empty") } if len(metadata.GrantTypes) == 0 { t.Error("GrantTypes should not be empty") } if metadata.Scope == "" { t.Error("Scope should not be empty") } // Verify expected values from client-metadata.json if metadata.ClientID != "https://blup.imgs.blue/oauth-client-metadata.json" { t.Errorf("ClientID = %q, want %q", metadata.ClientID, "https://blup.imgs.blue/oauth-client-metadata.json") } if metadata.ClientName != "Blup" { t.Errorf("ClientName = %q, want %q", metadata.ClientName, "Blup") } if metadata.ClientURI != "https://blup.imgs.blue" { t.Errorf("ClientURI = %q, want %q", metadata.ClientURI, "https://blup.imgs.blue") } if metadata.RedirectURIs[0] != "https://blup.imgs.blue/oauth/callback" { t.Errorf("RedirectURIs[0] = %q, want %q", metadata.RedirectURIs[0], "https://blup.imgs.blue/oauth/callback") } if !metadata.DpopBoundAccessTokens { t.Error("DpopBoundAccessTokens should be true") } if metadata.TokenEndpointAuthMethod != "none" { t.Errorf("TokenEndpointAuthMethod = %q, want %q", metadata.TokenEndpointAuthMethod, "none") } if metadata.ApplicationType != "native" { t.Errorf("ApplicationType = %q, want %q", metadata.ApplicationType, "native") } } func TestGetClientMetadataGrantTypes(t *testing.T) { metadata := GetClientMetadata() expectedGrantTypes := []string{"authorization_code", "refresh_token"} if len(metadata.GrantTypes) != len(expectedGrantTypes) { t.Fatalf("GrantTypes length = %d, want %d", len(metadata.GrantTypes), len(expectedGrantTypes)) } for i, gt := range expectedGrantTypes { if metadata.GrantTypes[i] != gt { t.Errorf("GrantTypes[%d] = %q, want %q", i, metadata.GrantTypes[i], gt) } } } func TestGetClientMetadataResponseTypes(t *testing.T) { metadata := GetClientMetadata() if len(metadata.ResponseTypes) != 1 { t.Fatalf("ResponseTypes length = %d, want 1", len(metadata.ResponseTypes)) } if metadata.ResponseTypes[0] != "code" { t.Errorf("ResponseTypes[0] = %q, want %q", metadata.ResponseTypes[0], "code") } } func TestGetClientConfig(t *testing.T) { config := GetClientConfig() // Verify the config is built correctly if config.ClientID == "" { t.Error("ClientID should not be empty") } if config.CallbackURL == "" { t.Error("CallbackURL should not be empty") } if len(config.Scopes) == 0 { t.Error("Scopes should not be empty") } // Verify expected values if config.ClientID != "https://blup.imgs.blue/oauth-client-metadata.json" { t.Errorf("ClientID = %q, want %q", config.ClientID, "https://blup.imgs.blue/oauth-client-metadata.json") } if config.CallbackURL != "https://blup.imgs.blue/oauth/callback" { t.Errorf("CallbackURL = %q, want %q", config.CallbackURL, "https://blup.imgs.blue/oauth/callback") } } func TestGetClientConfigScopes(t *testing.T) { config := GetClientConfig() // Scope in metadata is "atproto repo:blue.imgs.blup.image blob:image/*" // Should be split into 3 scopes expectedScopes := []string{"atproto", "repo:blue.imgs.blup.image", "blob:image/*"} if len(config.Scopes) != len(expectedScopes) { t.Fatalf("Scopes length = %d, want %d; got %v", len(config.Scopes), len(expectedScopes), config.Scopes) } for i, scope := range expectedScopes { if config.Scopes[i] != scope { t.Errorf("Scopes[%d] = %q, want %q", i, config.Scopes[i], scope) } } }