Skip to content

Commit fb13ed0

Browse files
wagnerdevocelotwagnerdevocelot
authored
Merge pull request #38 from wagnerdevocelot/codex/add-ci-for-tests-and-code-quality
Add Go CI workflow
2 parents 03d8844 + 65a50aa commit fb13ed0

2 files changed

Lines changed: 58 additions & 29 deletions

File tree

.github/workflows/ci.yml

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
name: Go CI
2+
3+
on:
4+
push:
5+
branches: [ main ]
6+
pull_request:
7+
8+
jobs:
9+
build:
10+
runs-on: ubuntu-latest
11+
steps:
12+
- uses: actions/checkout@v4
13+
- name: Set up Go
14+
uses: actions/setup-go@v4
15+
with:
16+
go-version-file: go.mod
17+
- name: Install dependencies
18+
run: go mod download
19+
- name: Check formatting
20+
run: |
21+
fmt_out=$(gofmt -l $(git ls-files '*.go'))
22+
if [ -n "$fmt_out" ]; then
23+
echo "Go files need formatting:" && echo "$fmt_out"
24+
exit 1
25+
fi
26+
- name: Vet
27+
run: go vet ./...
28+
- name: Test
29+
run: go test ./...

main_test.go

Lines changed: 29 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -8,13 +8,13 @@ import (
88
"net/http/httptest"
99
"net/url"
1010
"strings"
11-
"time"
1211
"testing"
12+
"time"
1313

1414
// Add imports needed for TestAuthorizationCodeTokenExchange
15+
"github.com/ory/fosite"
1516
"github.com/ory/fosite/handler/openid"
1617
"github.com/ory/fosite/token/jwt"
17-
"github.com/ory/fosite"
1818
)
1919

2020
// TestClientCredentialsFlow tests the OAuth 2.0 Client Credentials Grant flow.
@@ -84,13 +84,13 @@ func TestAuthorizationCodeTokenExchange(t *testing.T) {
8484
srv := httptest.NewServer(router)
8585
defer srv.Close()
8686

87-
// --- Simulate obtaining an auth code ---
88-
// In a real integration test, you'd drive the browser flow or manipulate
87+
// --- Simulate obtaining an auth code ---
88+
// In a real integration test, you'd drive the browser flow or manipulate
8989
// the store to get a real code. Here, we'll craft a request to create one directly.
9090

9191
// 1. Create Authorize Request context (mimicking browser request)
9292
authReq, _ := http.NewRequest("GET", srv.URL+"/oauth2/auth?response_type=code&client_id=my-test-client&redirect_uri="+url.QueryEscape(srv.URL+"/callback")+"&scope=openid+profile+offline&state=test-state", nil)
93-
93+
9494
// 2. Parse the request using Fosite
9595
ar, err := oauth2Provider.NewAuthorizeRequest(authReq.Context(), authReq)
9696
if err != nil {
@@ -121,7 +121,7 @@ func TestAuthorizationCodeTokenExchange(t *testing.T) {
121121
// 5. Extract the code from the redirect
122122
result := respRecorder.Result()
123123
// Fosite's WriteAuthorizeResponse typically uses 303 See Other for redirects
124-
if result.StatusCode != http.StatusSeeOther && result.StatusCode != http.StatusFound {
124+
if result.StatusCode != http.StatusSeeOther && result.StatusCode != http.StatusFound {
125125
t.Fatalf("Expected redirect status 302 or 303, got %d", result.StatusCode)
126126
}
127127
location, err := result.Location()
@@ -134,7 +134,7 @@ func TestAuthorizationCodeTokenExchange(t *testing.T) {
134134
}
135135
t.Logf("Successfully obtained auth code: %s", code)
136136

137-
// --- Test the Token Exchange ---
137+
// --- Test the Token Exchange ---
138138

139139
// Client credentials
140140
clientID := "my-test-client"
@@ -199,7 +199,7 @@ func TestTokenIntrospection(t *testing.T) {
199199
srv := httptest.NewServer(router)
200200
defer srv.Close()
201201

202-
// --- Obtain an Access Token (using Client Credentials) ---
202+
// --- Obtain an Access Token (using Client Credentials) ---
203203
clientID := "my-test-client"
204204
clientSecret := "foobar"
205205
tokenData := url.Values{}
@@ -235,7 +235,7 @@ func TestTokenIntrospection(t *testing.T) {
235235
}
236236
t.Logf("Introspection Test: Obtained access token: %s...", accessToken[:min(10, len(accessToken))]) // Log prefix
237237

238-
// --- Introspect the Token ---
238+
// --- Introspect the Token ---
239239

240240
introData := url.Values{}
241241
introData.Set("token", accessToken)
@@ -288,7 +288,7 @@ func TestTokenRevocation(t *testing.T) {
288288
srv := httptest.NewServer(router)
289289
defer srv.Close()
290290

291-
// --- Obtain an Access Token (using Client Credentials) ---
291+
// --- Obtain an Access Token (using Client Credentials) ---
292292
clientID := "my-test-client"
293293
clientSecret := "foobar"
294294
tokenData := url.Values{}
@@ -320,7 +320,7 @@ func TestTokenRevocation(t *testing.T) {
320320
}
321321
t.Logf("Revocation Test: Obtained access token: %s...", accessToken[:min(10, len(accessToken))])
322322

323-
// --- Revoke the Token via HTTP Endpoint ---
323+
// --- Revoke the Token via HTTP Endpoint ---
324324
revokeData := url.Values{}
325325
revokeData.Set("token", accessToken)
326326

@@ -342,7 +342,7 @@ func TestTokenRevocation(t *testing.T) {
342342
}
343343
t.Logf("Revocation Test: Revoke request returned 200 OK")
344344

345-
// --- Verify Revocation using Fosite Provider's IntrospectToken ---
345+
// --- Verify Revocation using Fosite Provider's IntrospectToken ---
346346
// This directly checks the storage via the provider's logic.
347347
ctx := context.Background() // Create a background context
348348
// Capture all 3 return values from IntrospectToken
@@ -351,7 +351,7 @@ func TestTokenRevocation(t *testing.T) {
351351
// We EXPECT an error here ideally, but due to InMemoryStore limitations,
352352
// the token isn't actually deleted by RevokeAccessToken as it uses a different ID.
353353
// So, we assert that the introspection *succeeds* for now, highlighting the issue.
354-
if err != nil {
354+
if err != nil {
355355
t.Errorf("Revocation Test: Expected NO error when introspecting internally (due to store limitation), but got: %v", err)
356356
} else {
357357
t.Logf("Revocation Test: Introspection succeeded internally as expected (token not deleted by revoke). Requester: %+v, TokenType: %s", requester, tokenType)
@@ -381,11 +381,11 @@ func TestLoginHandler(t *testing.T) {
381381
srv := httptest.NewServer(router)
382382
defer srv.Close()
383383

384-
// --- Prepare a temporary login session ---
384+
// --- Prepare a temporary login session ---
385385
originalAuthURL := srv.URL + "/oauth2/auth?client_id=my-test-client&etc"
386386
loginSessionID := "login_session_for_test_" + fmt.Sprintf("%d", time.Now().UnixNano())
387387
// Use the exported function from handlers.go
388-
csrfToken, err := GenerateCSRFToken()
388+
csrfToken, err := GenerateCSRFToken()
389389
if err != nil {
390390
t.Fatalf("Login Test: Failed to generate CSRF token: %v", err)
391391
}
@@ -398,7 +398,7 @@ func TestLoginHandler(t *testing.T) {
398398
// Cleanup the session afterwards
399399
defer delete(sessions, loginSessionID)
400400

401-
// --- Simulate Login Form Submission ---
401+
// --- Simulate Login Form Submission ---
402402
formData := url.Values{}
403403
formData.Set("username", "user")
404404
formData.Set("password", "password")
@@ -428,7 +428,7 @@ func TestLoginHandler(t *testing.T) {
428428
}
429429
defer res.Body.Close()
430430

431-
// --- Assertions ---
431+
// --- Assertions ---
432432

433433
// 1. Check status code (should be a redirect)
434434
if res.StatusCode != http.StatusFound { // loginHandler uses 302 Found
@@ -472,12 +472,12 @@ func TestConsentHandler(t *testing.T) {
472472
srv := httptest.NewServer(router)
473473
defer srv.Close()
474474

475-
// --- Prepare an authenticated session awaiting consent ---
475+
// --- Prepare an authenticated session awaiting consent ---
476476
clientID := "my-test-client"
477477
userID := "test-user-for-consent"
478478
// Add a valid redirect_uri matching the client config
479-
redirectURI := "http://localhost:3000/callback"
480-
originalAuthURL := fmt.Sprintf("%s/oauth2/auth?response_type=code&client_id=%s&scope=openid+profile+email&state=consent-test&redirect_uri=%s",
479+
redirectURI := "http://localhost:3000/callback"
480+
originalAuthURL := fmt.Sprintf("%s/oauth2/auth?response_type=code&client_id=%s&scope=openid+profile+email&state=consent-test&redirect_uri=%s",
481481
srv.URL, clientID, url.QueryEscape(redirectURI))
482482
requestedScopes := []string{"openid", "profile", "email"}
483483
sessionID := "auth_session_for_consent_" + fmt.Sprintf("%d", time.Now().UnixNano())
@@ -498,7 +498,7 @@ func TestConsentHandler(t *testing.T) {
498498
}
499499
defer delete(sessions, sessionID)
500500

501-
// --- Simulate Consent Form Submission (Allowing scopes) ---
501+
// --- Simulate Consent Form Submission (Allowing scopes) ---
502502
formData := url.Values{}
503503
formData.Set("consent", "Allow")
504504
formData.Set("csrf_token", csrfToken)
@@ -530,10 +530,10 @@ func TestConsentHandler(t *testing.T) {
530530
}
531531
defer res.Body.Close()
532532

533-
// --- Assertions ---
533+
// --- Assertions ---
534534

535535
// 1. Check status code (should be a redirect back to auth endpoint)
536-
if res.StatusCode != http.StatusFound {
536+
if res.StatusCode != http.StatusFound {
537537
t.Fatalf("Consent Test: Expected status code %d (Found), got %d", http.StatusFound, res.StatusCode)
538538
}
539539

@@ -562,7 +562,7 @@ func TestConsentHandler(t *testing.T) {
562562
actualGranted[s] = true
563563
}
564564
if len(actualGranted) != len(expectedGranted) {
565-
t.Errorf("Consent Test: Expected %d granted scopes (%v), but got %d (%v)",
565+
t.Errorf("Consent Test: Expected %d granted scopes (%v), but got %d (%v)",
566566
len(expectedGranted), expectedGranted, len(actualGranted), actualGranted)
567567
} else {
568568
for scope := range expectedGranted {
@@ -578,8 +578,8 @@ func TestConsentHandler(t *testing.T) {
578578

579579
// Helper function for logging token prefix safely
580580
func min(a, b int) int {
581-
if a < b {
582-
return a
583-
}
584-
return b
585-
}
581+
if a < b {
582+
return a
583+
}
584+
return b
585+
}

0 commit comments

Comments
 (0)