1
0
Fork 0
forgejo/services/auth/additional_scopes_test.go
Marcell Mars d6647f710f tests additional grant scopes
- parsing scopes in `grantAdditionalScopes`
- read basic user info if `read:user`
- fail reading repository info if only `read:user`
- read repository info if `read:repository`
- if `setting.OAuth2.EnabledAdditionalGrantScopes` not provided it reads
  all groups (public+private)
- if `setting.OAuth2.EnabledAdditionalGrantScopes` provided it reads
  only public groups
- if `setting.OAuth2.EnabledAdditionalGrantScopes` and `read:organization`
 provided it reads all groups
2024-08-09 14:58:15 +02:00

32 lines
903 B
Go

package auth
import (
"testing"
"github.com/stretchr/testify/assert"
)
func TestGrantAdditionalScopes(t *testing.T) {
tests := []struct {
grantScopes string
expectedScopes string
}{
{"openid profile email", ""},
{"openid profile email groups", ""},
{"openid profile email all", "all"},
{"openid profile email read:user all", "read:user,all"},
{"openid profile email groups read:user", "read:user"},
{"read:user read:repository", "read:user,read:repository"},
{"read:user write:issue public-only", "read:user,write:issue,public-only"},
{"openid profile email read:user", "read:user"},
{"read:invalid_scope", ""},
{"read:invalid_scope,write:scope_invalid,just-plain-wrong", ""},
}
for _, test := range tests {
t.Run(test.grantScopes, func(t *testing.T) {
result := grantAdditionalScopes(test.grantScopes)
assert.Equal(t, test.expectedScopes, result)
})
}
}