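// Integration tests for the frontend's OAuth client metadata document,
// served at `/oauth/client-metadata.json`.

mod common;
use common::*;
use reqwest::StatusCode;
use serde_json::Value;

/// Requests `/oauth/client-metadata.json` from the server under test and
/// returns the raw response.
///
/// `client()` and `base_url()` are not defined in this file; they are brought
/// in through `use common::*`.
///
/// # Panics
///
/// Panics with "Failed to send request" if the request cannot be sent.
async fn fetch_client_metadata() -> reqwest::Response {
    let url = format!("{}/oauth/client-metadata.json", base_url().await);
    client()
        .get(url)
        .send()
        .await
        .expect("Failed to send request")
}

/// The metadata endpoint answers 200 with a JSON object in which every field
/// this test looks at is present with the expected JSON type.
#[tokio::test]
async fn test_frontend_client_metadata_returns_valid_json() {
    let res = fetch_client_metadata().await;
    assert_eq!(res.status(), StatusCode::OK);
    let body: Value = res.json().await.expect("Should return valid JSON");

    // String-valued fields.
    assert!(body["client_id"].as_str().is_some(), "Should have client_id");
    assert!(
        body["client_name"].as_str().is_some(),
        "Should have client_name"
    );
    assert!(body["scope"].as_str().is_some(), "Should have scope");
    assert!(
        body["token_endpoint_auth_method"].as_str().is_some(),
        "Should have token_endpoint_auth_method"
    );

    // Array-valued fields.
    assert!(
        body["redirect_uris"].as_array().is_some(),
        "Should have redirect_uris"
    );
    assert!(
        body["grant_types"].as_array().is_some(),
        "Should have grant_types"
    );
    assert!(
        body["response_types"].as_array().is_some(),
        "Should have response_types"
    );
}

/// The metadata document carries the values expected for the frontend client:
/// authorization-code and refresh-token grants, the `code` response type, no
/// client authentication, application type `web`, and a scope that contains
/// `atproto`.
#[tokio::test]
async fn test_frontend_client_metadata_correct_values() {
    let res = fetch_client_metadata().await;
    assert_eq!(res.status(), StatusCode::OK);
    let body: Value = res.json().await.unwrap();

    let client_id = body["client_id"].as_str().unwrap();
    assert!(
        client_id.ends_with("/oauth/client-metadata.json"),
        "client_id should end with /oauth/client-metadata.json"
    );

    let grant_types = body["grant_types"].as_array().unwrap();
    let grant_strs: Vec<&str> = grant_types.iter().filter_map(|v| v.as_str()).collect();
    assert!(
        grant_strs.contains(&"authorization_code"),
        "Should support authorization_code grant"
    );
    assert!(
        grant_strs.contains(&"refresh_token"),
        "Should support refresh_token grant"
    );

    let response_types = body["response_types"].as_array().unwrap();
    let response_strs: Vec<&str> = response_types.iter().filter_map(|v| v.as_str()).collect();
    assert!(
        response_strs.contains(&"code"),
        "Should support code response type"
    );

    // "none" means the client does not authenticate at the token endpoint
    // (a public client with no secret).
    assert_eq!(
        body["token_endpoint_auth_method"].as_str(),
        Some("none"),
        "Should be public client (none auth)"
    );
    assert_eq!(
        body["application_type"].as_str(),
        Some("web"),
        "Should be web application"
    );
    // NOTE(review): this pins a public client whose access tokens are NOT
    // DPoP-bound, i.e. plain bearer tokens that are usable by whoever holds
    // them. The atproto OAuth profile is understood to expect DPoP-bound
    // tokens; confirm that `false` is the intended server behaviour before
    // relying on this assertion as a regression guard.
    assert_eq!(
        body["dpop_bound_access_tokens"].as_bool(),
        Some(false),
        "Should not require DPoP"
    );

    let scope = body["scope"].as_str().unwrap();
    assert!(scope.contains("atproto"), "Scope should include atproto");
}

/// The first advertised redirect URI is on the same origin (scheme, host and
/// port) as `client_uri`.
///
/// Both values are parsed as URLs and their origins compared. A plain string
/// prefix test is not an origin check: a redirect URI on a different host
/// whose name merely begins with the `client_uri` text (a longer host name or
/// a longer port number) would satisfy `starts_with`.
#[tokio::test]
async fn test_frontend_client_metadata_redirect_uri_matches_client_uri() {
    let res = fetch_client_metadata().await;
    assert_eq!(res.status(), StatusCode::OK);
    let body: Value = res.json().await.unwrap();

    let client_uri = body["client_uri"].as_str().unwrap();
    let redirect_uris = body["redirect_uris"].as_array().unwrap();
    assert!(
        !redirect_uris.is_empty(),
        "Should have at least one redirect URI"
    );

    // NOTE(review): only the first entry is checked, as before; any further
    // redirect URIs are not covered by this test.
    let redirect_uri = redirect_uris[0].as_str().unwrap();

    let client_url =
        reqwest::Url::parse(client_uri).expect("client_uri should be an absolute URL");
    let redirect_url =
        reqwest::Url::parse(redirect_uri).expect("redirect URI should be an absolute URL");
    assert!(
        redirect_url.origin() == client_url.origin(),
        "Redirect URI should be on same origin as client_uri"
    );
}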