server metadata test
This commit is contained in:
		| @@ -432,7 +432,15 @@ export class OAuth2ProviderService { | ||||
| 				issuer: this.config.url, | ||||
| 				authorization_endpoint: new URL('/oauth/authorize', this.config.url), | ||||
| 				token_endpoint: new URL('/oauth/token', this.config.url), | ||||
| 				// TODO: support or not? | ||||
| 				// introspection_endpoint: ... | ||||
| 				// introspection_endpoint_auth_methods_supported: ... | ||||
| 				scopes_supported: kinds, | ||||
| 				response_types_supported: ['code'], | ||||
| 				grant_types_supported: ['authorization_code'], | ||||
| 				service_documentation: 'https://misskey-hub.net', | ||||
| 				code_challenge_methods_supported: ['S256'], | ||||
| 				authorization_response_iss_parameter_supported: true, | ||||
| 			}); | ||||
| 		}); | ||||
|  | ||||
|   | ||||
| @@ -7,6 +7,8 @@ import { AuthorizationCode } from 'simple-oauth2'; | ||||
| import pkceChallenge from 'pkce-challenge'; | ||||
| import { JSDOM } from 'jsdom'; | ||||
|  | ||||
| const host = `http://127.0.0.1:${port}`; | ||||
|  | ||||
| const clientPort = port + 1; | ||||
| const redirect_uri = `http://127.0.0.1:${clientPort}/redirect`; | ||||
|  | ||||
| @@ -16,7 +18,7 @@ function getClient(): AuthorizationCode<'client_id'> { | ||||
| 			id: `http://127.0.0.1:${clientPort}/`, | ||||
| 		}, | ||||
| 		auth: { | ||||
| 			tokenHost: `http://127.0.0.1:${port}`, | ||||
| 			tokenHost: host, | ||||
| 			tokenPath: '/oauth/token', | ||||
| 			authorizePath: '/oauth/authorize', | ||||
| 		}, | ||||
| @@ -32,7 +34,7 @@ function getTransactionId(html: string): string | undefined { | ||||
| } | ||||
|  | ||||
| function fetchDecision(cookie: string, transactionId: string, user: any, { cancel }: { cancel?: boolean } = {}): Promise<Response> { | ||||
| 	return fetch(`http://127.0.0.1:${port}/oauth/decision`, { | ||||
| 	return fetch(new URL('/oauth/decision', host), { | ||||
| 		method: 'post', | ||||
| 		body: new URLSearchParams({ | ||||
| 			transaction_id: transactionId!, | ||||
| @@ -535,7 +537,14 @@ describe('OAuth', () => { | ||||
| 		// TODO: disallow random same-origin URLs with strict redirect_uris with client information discovery | ||||
| 	}); | ||||
|  | ||||
| 	// TODO: .well-known/oauth-authorization-server | ||||
| 	test('Server metadata', async () => { | ||||
| 		const response = await fetch(new URL('.well-known/oauth-authorization-server', host)); | ||||
| 		assert.strictEqual(response.status, 200); | ||||
|  | ||||
| 		const body = await response.json(); | ||||
| 		assert.strictEqual(body.issuer, 'http://misskey.local'); | ||||
| 		assert.ok(body.scopes_supported.includes('write:notes')); | ||||
| 	}); | ||||
|  | ||||
| 	// TODO: authorizing two users concurrently | ||||
|  | ||||
|   | ||||
		Reference in New Issue
	
	Block a user
	 Kagami Sascha Rosylight
					Kagami Sascha Rosylight