server/tests/oauth.test.ts

import type { Application, Token } from "@prisma/client";
import { afterAll, beforeAll, describe, expect, test } from "bun:test";
import { client } from "~database/datasource";
import { createNewLocalUser } from "~database/entities/User";
import { sendTestRequest, wrapRelativeUrl } from "./utils";

// const config = await new ConfigManager({}).getConfig();
const base_url = "http://lysand.localhost:8080"; //config.http.base_url;

let client_id: string;
let client_secret: string;
let code: string;
let token: Token;

beforeAll(async () => {
	// Init test user
	await createNewLocalUser({
		email: "test@test.com",
		username: "test",
		password: "test",
		display_name: "",
	});
});

describe("POST /api/v1/apps/", () => {
	test("should create an application", async () => {
		const formData = new FormData();

		formData.append("client_name", "Test Application");
		formData.append("website", "https://example.com");
		formData.append("redirect_uris", "https://example.com");
		formData.append("scopes", "read write");

		const response = await sendTestRequest(
			new Request(wrapRelativeUrl("/api/v1/apps/", base_url), {
				method: "POST",
				body: formData,
			})
		);

		expect(response.status).toBe(200);
		expect(response.headers.get("content-type")).toBe("application/json");

		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
		const json = await response.json();

		expect(json).toEqual({
			id: expect.any(String),
			name: "Test Application",
			website: "https://example.com",
			client_id: expect.any(String),
			client_secret: expect.any(String),
			redirect_uri: "https://example.com",
			vapid_link: null,
		});

		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access
		client_id = json.client_id;
		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access
		client_secret = json.client_secret;
	});
});

describe("POST /auth/login/", () => {
	test("should get a code", async () => {
		const formData = new FormData();

		formData.append("email", "test@test.com");
		formData.append("password", "test");

		const response = await sendTestRequest(
			new Request(
				wrapRelativeUrl(
					`/auth/login/?client_id=${client_id}&redirect_uri=https://example.com&response_type=code&scope=read+write`,
					base_url
				),
				{
					method: "POST",
					body: formData,
				}
			)
		);

		expect(response.status).toBe(302);
		expect(response.headers.get("Location")).toMatch(
			/https:\/\/example.com\?code=/
		);

		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access
		code = response.headers.get("location")?.split("=")[1] || "";
	});
});

describe("POST /oauth/token/", () => {
	test("should get an access token", async () => {
		const formData = new FormData();

		formData.append("grant_type", "authorization_code");
		formData.append("code", code);
		formData.append("redirect_uri", "https://example.com");
		formData.append("client_id", client_id);
		formData.append("client_secret", client_secret);
		formData.append("scope", "read+write");

		const response = await sendTestRequest(
			new Request(wrapRelativeUrl("/oauth/token/", base_url), {
				method: "POST",
				body: formData,
			})
		);

		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
		const json = await response.json();

		expect(response.status).toBe(200);
		expect(response.headers.get("content-type")).toBe("application/json");
		expect(json).toEqual({
			access_token: expect.any(String),
			token_type: "Bearer",
			scope: "read write",
			created_at: expect.any(String),
		});

		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access
		token = json;
	});
});

describe("GET /api/v1/apps/verify_credentials", () => {
	test("should return the authenticated application's credentials", async () => {
		const response = await sendTestRequest(
			new Request(
				wrapRelativeUrl("/api/v1/apps/verify_credentials", base_url),
				{
					headers: {
						Authorization: `Bearer ${token.access_token}`,
					},
				}
			)
		);

		expect(response.status).toBe(200);
		expect(response.headers.get("content-type")).toBe("application/json");

		const credentials = (await response.json()) as Partial<Application>;

		expect(credentials.name).toBe("Test Application");
		expect(credentials.website).toBe("https://example.com");
		expect(credentials.redirect_uris).toBe("https://example.com");
		expect(credentials.scopes).toBe("read write");
	});
});

afterAll(async () => {
	// Clean up user
	await client.user.delete({
		where: {
			username: "test",
		},
	});
});
Enable verbatim module syntax + more API routes 2023-11-23 05:10:37 +01:00			`import type { Application, Token } from "@prisma/client";`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`import { afterAll, beforeAll, describe, expect, test } from "bun:test";`
Finish rewrite of everything with Prisma 2023-11-12 02:37:14 +01:00			`import { client } from "~database/datasource";`
			`import { createNewLocalUser } from "~database/entities/User";`
Finish full rewrite of server and testing systems 2024-03-11 03:04:14 +01:00			`import { sendTestRequest, wrapRelativeUrl } from "./utils";`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
Finish full rewrite of server and testing systems 2024-03-11 03:04:14 +01:00			`// const config = await new ConfigManager({}).getConfig();`
			`const base_url = "http://lysand.localhost:8080"; //config.http.base_url;`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
			`let client_id: string;`
			`let client_secret: string;`
			`let code: string;`
Add new endpoint - verify_credentials 2023-09-22 03:41:12 +02:00			`let token: Token;`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
			`beforeAll(async () => {`
Finish rewrite of everything with Prisma 2023-11-12 02:37:14 +01:00			`// Init test user`
			`await createNewLocalUser({`
Add more API endpoints, better tests 2023-09-22 00:42:59 +02:00			`email: "test@test.com",`
			`username: "test",`
			`password: "test",`
			`display_name: "",`
			`});`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`});`

Fix the last failing tests 2023-09-22 03:14:03 +02:00			`describe("POST /api/v1/apps/", () => {`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`test("should create an application", async () => {`
			`const formData = new FormData();`

			`formData.append("client_name", "Test Application");`
			`formData.append("website", "https://example.com");`
			`formData.append("redirect_uris", "https://example.com");`
			`formData.append("scopes", "read write");`
Fix existing bugs in tests, refactor users 2023-10-08 22:20:42 +02:00
Finish full rewrite of server and testing systems 2024-03-11 03:04:14 +01:00			`const response = await sendTestRequest(`
			`new Request(wrapRelativeUrl("/api/v1/apps/", base_url), {`
			`method: "POST",`
			`body: formData,`
			`})`
			`);`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
			`expect(response.status).toBe(200);`
			`expect(response.headers.get("content-type")).toBe("application/json");`

			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment`
Update all packages, fix critical bugs 2024-03-04 04:29:44 +01:00			`const json = await response.json();`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
			`expect(json).toEqual({`
			`id: expect.any(String),`
			`name: "Test Application",`
			`website: "https://example.com",`
			`client_id: expect.any(String),`
			`client_secret: expect.any(String),`
			`redirect_uri: "https://example.com",`
			`vapid_link: null,`
			`});`

			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access`
			`client_id = json.client_id;`
			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access`
			`client_secret = json.client_secret;`
			`});`
			`});`

			`describe("POST /auth/login/", () => {`
			`test("should get a code", async () => {`
			`const formData = new FormData();`

Fix existing bugs in tests, refactor users 2023-10-08 22:20:42 +02:00			`formData.append("email", "test@test.com");`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`formData.append("password", "test");`
Media upload for avatars and banners, more work, fix tests 2023-10-19 21:53:59 +02:00
Finish full rewrite of server and testing systems 2024-03-11 03:04:14 +01:00			`const response = await sendTestRequest(`
			`new Request(`
			`wrapRelativeUrl(`
			`/auth/login/?client_id=${client_id}&redirect_uri=https://example.com&response_type=code&scope=read+write`,
			`base_url`
			`),`
			`{`
			`method: "POST",`
			`body: formData,`
			`}`
			`)`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`);`
Finish full rewrite of server and testing systems 2024-03-11 03:04:14 +01:00
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`expect(response.status).toBe(302);`
Make tests pass 2023-09-14 04:49:26 +02:00			`expect(response.headers.get("Location")).toMatch(`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`/https:\/\/example.com\?code=/`
			`);`

			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access`
			`code = response.headers.get("location")?.split("=")[1] \|\| "";`
			`});`
			`});`

guh 2023-09-15 03:22:27 +02:00			`describe("POST /oauth/token/", () => {`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`test("should get an access token", async () => {`
			`const formData = new FormData();`

			`formData.append("grant_type", "authorization_code");`
			`formData.append("code", code);`
			`formData.append("redirect_uri", "https://example.com");`
			`formData.append("client_id", client_id);`
			`formData.append("client_secret", client_secret);`
Fix existing bugs in tests, refactor users 2023-10-08 22:20:42 +02:00			`formData.append("scope", "read+write");`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
Finish full rewrite of server and testing systems 2024-03-11 03:04:14 +01:00			`const response = await sendTestRequest(`
			`new Request(wrapRelativeUrl("/oauth/token/", base_url), {`
			`method: "POST",`
			`body: formData,`
			`})`
			`);`
RAHHHHHHH 2023-09-14 04:25:45 +02:00
Make tests pass 2023-09-14 04:49:26 +02:00			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment`
Update all packages, fix critical bugs 2024-03-04 04:29:44 +01:00			`const json = await response.json();`
Make tests pass 2023-09-14 04:49:26 +02:00
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`expect(response.status).toBe(200);`
			`expect(response.headers.get("content-type")).toBe("application/json");`
Make tests pass 2023-09-14 04:49:26 +02:00			`expect(json).toEqual({`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`access_token: expect.any(String),`
Make tests pass 2023-09-14 04:49:26 +02:00			`token_type: "Bearer",`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`scope: "read write",`
Make tests pass 2023-09-14 04:49:26 +02:00			`created_at: expect.any(String),`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`});`
Add new endpoint - verify_credentials 2023-09-22 03:41:12 +02:00
			`// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access`
			`token = json;`
			`});`
			`});`

			`describe("GET /api/v1/apps/verify_credentials", () => {`
			`test("should return the authenticated application's credentials", async () => {`
Finish full rewrite of server and testing systems 2024-03-11 03:04:14 +01:00			`const response = await sendTestRequest(`
			`new Request(`
			`wrapRelativeUrl("/api/v1/apps/verify_credentials", base_url),`
			`{`
			`headers: {`
			Authorization: `Bearer ${token.access_token}`,
			`},`
			`}`
			`)`
Add new endpoint - verify_credentials 2023-09-22 03:41:12 +02:00			`);`

			`expect(response.status).toBe(200);`
			`expect(response.headers.get("content-type")).toBe("application/json");`

Finish rewrite of everything with Prisma 2023-11-12 02:37:14 +01:00			`const credentials = (await response.json()) as Partial<Application>;`
Add new endpoint - verify_credentials 2023-09-22 03:41:12 +02:00
			`expect(credentials.name).toBe("Test Application");`
			`expect(credentials.website).toBe("https://example.com");`
			`expect(credentials.redirect_uris).toBe("https://example.com");`
			`expect(credentials.scopes).toBe("read write");`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`});`
			`});`

			`afterAll(async () => {`
			`// Clean up user`
Finish rewrite of everything with Prisma 2023-11-12 02:37:14 +01:00			`await client.user.delete({`
Clean up more ActivityPub code, refactoring 2023-10-23 07:39:42 +02:00			`where: {`
			`username: "test",`
			`},`
RAHHHHHHH 2023-09-14 04:25:45 +02:00			`});`
			`});`