server/tests/oauth.test.ts

import { getConfig } from "@config";
import type { Application, Token } from "@prisma/client";
import { afterAll, beforeAll, describe, expect, test } from "bun:test";
import { client } from "~database/datasource";
import { createNewLocalUser } from "~database/entities/User";

const config = getConfig();

let client_id: string;
let client_secret: string;
let code: string;
let token: Token;

beforeAll(async () => {
	// Init test user
	await createNewLocalUser({
		email: "test@test.com",
		username: "test",
		password: "test",
		display_name: "",
	});
});

describe("POST /api/v1/apps/", () => {
	test("should create an application", async () => {
		const formData = new FormData();

		formData.append("client_name", "Test Application");
		formData.append("website", "https://example.com");
		formData.append("redirect_uris", "https://example.com");
		formData.append("scopes", "read write");

		// @ts-expect-error FormData works
		const response = await fetch(`${config.http.base_url}/api/v1/apps/`, {
			method: "POST",
			body: formData,
		});

		expect(response.status).toBe(200);
		expect(response.headers.get("content-type")).toBe("application/json");

		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
		const json = (await response.json()) as any;

		expect(json).toEqual({
			id: expect.any(String),
			name: "Test Application",
			website: "https://example.com",
			client_id: expect.any(String),
			client_secret: expect.any(String),
			redirect_uri: "https://example.com",
			vapid_link: null,
		});

		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access
		client_id = json.client_id;
		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access
		client_secret = json.client_secret;
	});
});

describe("POST /auth/login/", () => {
	test("should get a code", async () => {
		const formData = new FormData();

		formData.append("email", "test@test.com");
		formData.append("password", "test");

		// @ts-expect-error FormData works
		const response = await fetch(
			`${config.http.base_url}/auth/login/?client_id=${client_id}&redirect_uri=https://example.com&response_type=code&scope=read+write`,
			{
				method: "POST",
				body: formData,
				redirect: "manual",
			}
		);
		expect(response.status).toBe(302);
		expect(response.headers.get("Location")).toMatch(
			/https:\/\/example.com\?code=/
		);

		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access
		code = response.headers.get("location")?.split("=")[1] || "";
	});
});

describe("POST /oauth/token/", () => {
	test("should get an access token", async () => {
		const formData = new FormData();

		formData.append("grant_type", "authorization_code");
		formData.append("code", code);
		formData.append("redirect_uri", "https://example.com");
		formData.append("client_id", client_id);
		formData.append("client_secret", client_secret);
		formData.append("scope", "read+write");

		// @ts-expect-error FormData works
		const response = await fetch(`${config.http.base_url}/oauth/token/`, {
			method: "POST",
			// Do not set the Content-Type header for some reason
			body: formData,
		});

		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
		const json = (await response.json()) as any;

		expect(response.status).toBe(200);
		expect(response.headers.get("content-type")).toBe("application/json");
		expect(json).toEqual({
			access_token: expect.any(String),
			token_type: "Bearer",
			scope: "read write",
			created_at: expect.any(String),
		});

		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access
		token = json;
	});
});

describe("GET /api/v1/apps/verify_credentials", () => {
	test("should return the authenticated application's credentials", async () => {
		const response = await fetch(
			`${config.http.base_url}/api/v1/apps/verify_credentials`,
			{
				method: "GET",
				headers: {
					Authorization: `Bearer ${token.access_token}`,
					"Content-Type": "application/json",
				},
			}
		);

		expect(response.status).toBe(200);
		expect(response.headers.get("content-type")).toBe("application/json");

		const credentials = (await response.json()) as Partial<Application>;

		expect(credentials.name).toBe("Test Application");
		expect(credentials.website).toBe("https://example.com");
		expect(credentials.redirect_uris).toBe("https://example.com");
		expect(credentials.scopes).toBe("read write");
	});
});

afterAll(async () => {
	// Clean up user
	await client.user.delete({
		where: {
			username: "test",
		},
	});
});
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`import { getConfig } from "@config";`
Enable verbatim module syntax + more API routes 2023-11-23 05:10:37 +01:00			`import type { Application, Token } from "@prisma/client";`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`import { afterAll, beforeAll, describe, expect, test } from "bun:test";`
Finish rewrite of everything with Prisma 2023-11-12 02:37:14 +01:00			`import { client } from "~database/datasource";`
			`import { createNewLocalUser } from "~database/entities/User";`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
			`const config = getConfig();`

			`let client_id: string;`
			`let client_secret: string;`
			`let code: string;`
Add new endpoint - verify_credentials 2023-09-22 03:41:12 +02:00			`let token: Token;`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
			`beforeAll(async () => {`
Finish rewrite of everything with Prisma 2023-11-12 02:37:14 +01:00			`// Init test user`
			`await createNewLocalUser({`
Add more API endpoints, better tests 2023-09-22 00:42:59 +02:00			`email: "test@test.com",`
			`username: "test",`
			`password: "test",`
			`display_name: "",`
			`});`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`});`

Fix the last failing tests 2023-09-22 03:14:03 +02:00			`describe("POST /api/v1/apps/", () => {`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`test("should create an application", async () => {`
			`const formData = new FormData();`

			`formData.append("client_name", "Test Application");`
			`formData.append("website", "https://example.com");`
			`formData.append("redirect_uris", "https://example.com");`
			`formData.append("scopes", "read write");`
Fix existing bugs in tests, refactor users 2023-10-08 22:20:42 +02:00
Media upload for avatars and banners, more work, fix tests 2023-10-19 21:53:59 +02:00			`// @ts-expect-error FormData works`
Add new API endpoint (accounts/verify_credentials) 2023-09-22 04:15:12 +02:00			const response = await fetch(`${config.http.base_url}/api/v1/apps/`, {
			`method: "POST",`
			`body: formData,`
			`});`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
			`expect(response.status).toBe(200);`
			`expect(response.headers.get("content-type")).toBe("application/json");`

			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment`
Media upload for avatars and banners, more work, fix tests 2023-10-19 21:53:59 +02:00			`const json = (await response.json()) as any;`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
			`expect(json).toEqual({`
			`id: expect.any(String),`
			`name: "Test Application",`
			`website: "https://example.com",`
			`client_id: expect.any(String),`
			`client_secret: expect.any(String),`
			`redirect_uri: "https://example.com",`
			`vapid_link: null,`
			`});`

			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access`
			`client_id = json.client_id;`
			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access`
			`client_secret = json.client_secret;`
			`});`
			`});`

			`describe("POST /auth/login/", () => {`
			`test("should get a code", async () => {`
			`const formData = new FormData();`

Fix existing bugs in tests, refactor users 2023-10-08 22:20:42 +02:00			`formData.append("email", "test@test.com");`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`formData.append("password", "test");`
Media upload for avatars and banners, more work, fix tests 2023-10-19 21:53:59 +02:00
			`// @ts-expect-error FormData works`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`const response = await fetch(`
Fix existing bugs in tests, refactor users 2023-10-08 22:20:42 +02:00			`${config.http.base_url}/auth/login/?client_id=${client_id}&redirect_uri=https://example.com&response_type=code&scope=read+write`,
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`{`
			`method: "POST",`
			`body: formData,`
Make tests pass 2023-09-14 04:49:26 +02:00			`redirect: "manual",`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`}`
			`);`
			`expect(response.status).toBe(302);`
Make tests pass 2023-09-14 04:49:26 +02:00			`expect(response.headers.get("Location")).toMatch(`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`/https:\/\/example.com\?code=/`
			`);`

			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access`
			`code = response.headers.get("location")?.split("=")[1] \|\| "";`
			`});`
			`});`

guh 2023-09-15 03:22:27 +02:00			`describe("POST /oauth/token/", () => {`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`test("should get an access token", async () => {`
			`const formData = new FormData();`

			`formData.append("grant_type", "authorization_code");`
			`formData.append("code", code);`
			`formData.append("redirect_uri", "https://example.com");`
			`formData.append("client_id", client_id);`
			`formData.append("client_secret", client_secret);`
Fix existing bugs in tests, refactor users 2023-10-08 22:20:42 +02:00			`formData.append("scope", "read+write");`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
Media upload for avatars and banners, more work, fix tests 2023-10-19 21:53:59 +02:00			`// @ts-expect-error FormData works`
Add new API endpoint (accounts/verify_credentials) 2023-09-22 04:15:12 +02:00			const response = await fetch(`${config.http.base_url}/oauth/token/`, {
			`method: "POST",`
Fix OAuth tests failing 2023-10-23 02:38:33 +02:00			`// Do not set the Content-Type header for some reason`
Add new API endpoint (accounts/verify_credentials) 2023-09-22 04:15:12 +02:00			`body: formData,`
			`});`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
Make tests pass 2023-09-14 04:49:26 +02:00			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment`
Media upload for avatars and banners, more work, fix tests 2023-10-19 21:53:59 +02:00			`const json = (await response.json()) as any;`
Make tests pass 2023-09-14 04:49:26 +02:00
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`expect(response.status).toBe(200);`
			`expect(response.headers.get("content-type")).toBe("application/json");`
Make tests pass 2023-09-14 04:49:26 +02:00			`expect(json).toEqual({`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`access_token: expect.any(String),`
Make tests pass 2023-09-14 04:49:26 +02:00			`token_type: "Bearer",`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`scope: "read write",`
Make tests pass 2023-09-14 04:49:26 +02:00			`created_at: expect.any(String),`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`});`
Add new endpoint - verify_credentials 2023-09-22 03:41:12 +02:00
			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access`
			`token = json;`
			`});`
			`});`

			`describe("GET /api/v1/apps/verify_credentials", () => {`
			`test("should return the authenticated application's credentials", async () => {`
			`const response = await fetch(`
Add new API endpoint (accounts/verify_credentials) 2023-09-22 04:15:12 +02:00			`${config.http.base_url}/api/v1/apps/verify_credentials`,
Add new endpoint - verify_credentials 2023-09-22 03:41:12 +02:00			`{`
			`method: "GET",`
			`headers: {`
			Authorization: `Bearer ${token.access_token}`,
			`"Content-Type": "application/json",`
			`},`
			`}`
			`);`

			`expect(response.status).toBe(200);`
			`expect(response.headers.get("content-type")).toBe("application/json");`

Finish rewrite of everything with Prisma 2023-11-12 02:37:14 +01:00			`const credentials = (await response.json()) as Partial<Application>;`
Add new endpoint - verify_credentials 2023-09-22 03:41:12 +02:00
			`expect(credentials.name).toBe("Test Application");`
			`expect(credentials.website).toBe("https://example.com");`
			`expect(credentials.redirect_uris).toBe("https://example.com");`
			`expect(credentials.scopes).toBe("read write");`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`});`
			`});`

			`afterAll(async () => {`
			`// Clean up user`
Finish rewrite of everything with Prisma 2023-11-12 02:37:14 +01:00			`await client.user.delete({`
Clean up more ActivityPub code, refactoring 2023-10-23 07:39:42 +02:00			`where: {`
			`username: "test",`
			`},`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`});`
			`});`