diff options
Diffstat (limited to 'tests/user.rs')
| -rw-r--r-- | tests/user.rs | 193 |
1 files changed, 193 insertions, 0 deletions
diff --git a/tests/user.rs b/tests/user.rs new file mode 100644 index 0000000..9ca808d --- /dev/null +++ b/tests/user.rs @@ -0,0 +1,193 @@ +use forgejo_api::structs::*; + +mod common; + +#[tokio::test] +async fn myself() { + let api = common::login(); + + let myself = api.user_get_current().await.unwrap(); + assert!(myself.is_admin.unwrap(), "user should be admin"); + assert_eq!( + myself.login.as_ref().unwrap(), + "TestingAdmin", + "user should be named \"TestingAdmin\"" + ); + + let myself_indirect = api.user_get("TestingAdmin").await.unwrap(); + assert_eq!( + myself, myself_indirect, + "result of `myself` does not match result of `get_user`" + ); +} + +#[tokio::test] +async fn follow() { + let api = common::login(); + + let query = UserListFollowingQuery::default(); + let following = api + .user_list_following("TestingAdmin", query) + .await + .unwrap(); + assert!(following.is_empty(), "following list not empty"); + + let query = UserListFollowersQuery::default(); + let followers = api + .user_list_followers("TestingAdmin", query) + .await + .unwrap(); + assert!(followers.is_empty(), "follower list not empty"); + + let option = CreateUserOption { + created_at: None, + email: "follower@no-reply.example.org".into(), + full_name: None, + login_name: None, + must_change_password: Some(false), + password: Some("password".into()), + restricted: None, + send_notify: None, + source_id: None, + username: "Follower".into(), + visibility: None, + }; + let _ = api.admin_create_user(option).await.unwrap(); + let new_user = common::login_pass("Follower", "password"); + + new_user + .user_current_put_follow("TestingAdmin") + .await + .unwrap(); + api.user_current_put_follow("Follower").await.unwrap(); + + let query = UserListFollowingQuery::default(); + let following = api + .user_list_following("TestingAdmin", query) + .await + .unwrap(); + assert!(!following.is_empty(), "following list empty"); + + let query = UserListFollowersQuery::default(); + let followers = api + .user_list_followers("TestingAdmin", query) + .await + .unwrap(); + assert!(!followers.is_empty(), "follower list empty"); +} + +#[tokio::test] +async fn password_login() { + let api = common::login(); + let password_api = common::login_pass("TestingAdmin", "password"); + + assert!( + api.user_get_current().await.unwrap() == password_api.user_get_current().await.unwrap(), + "users not equal comparing token-auth and pass-auth" + ); +} + +#[tokio::test] +async fn oauth2_login() { + let api = common::login(); + let opt = forgejo_api::structs::CreateOAuth2ApplicationOptions { + confidential_client: Some(true), + name: Some("Test Application".into()), + redirect_uris: Some(vec!["http://127.0.0.1:48879/".into()]), + }; + let app = api.user_create_oauth2_application(opt).await.unwrap(); + let client_id = app.client_id.unwrap(); + let client_secret = app.client_secret.unwrap(); + + let base_url = &std::env::var("FORGEJO_API_CI_INSTANCE_URL").unwrap(); + + let client = reqwest::Client::builder() + .cookie_store(true) + .redirect(reqwest::redirect::Policy::none()) + .build() + .unwrap(); + + // Log in via the web interface + let _ = client + .post(&format!("{base_url}user/login")) + .form(&[("user_name", "TestingAdmin"), ("password", "password")]) + .send() + .await + .unwrap() + .error_for_status() + .unwrap(); + + // Load the authorization page + let response = client + .get(&format!( + "{base_url}login/oauth/authorize\ + ?client_id={client_id}\ + &redirect_uri=http%3A%2F%2F127.0.0.1%3A48879%2F\ + &response_type=code\ + &state=theyve" + )) + .send() + .await + .unwrap() + .error_for_status() + .unwrap(); + let csrf = response.cookies().find(|x| x.name() == "_csrf").unwrap(); + + // Authorize the new application via the web interface + let response = client + .post(&format!("{base_url}login/oauth/grant")) + .form(&[ + ("_csrf", csrf.value()), + ("client_id", &client_id), + ("state", "theyve"), + ("scope", ""), + ("nonce", ""), + ("redirect_uri", "http://127.0.0.1:48879/"), + ]) + .send() + .await + .unwrap() + .error_for_status() + .unwrap(); + + // Extract the code from the redirect url + let location = response.headers().get(reqwest::header::LOCATION).unwrap(); + let location = url::Url::parse(dbg!(location.to_str().unwrap())).unwrap(); + let mut code = None; + for (key, value) in location.query_pairs() { + if key == "code" { + code = Some(value.into_owned()); + } else if key == "error_description" { + panic!("{value}"); + } + } + let code = code.unwrap(); + + // Redeem the code and check it works + let url = url::Url::parse(&base_url).unwrap(); + let api = forgejo_api::Forgejo::new(forgejo_api::Auth::None, url.clone()).unwrap(); + + let request = forgejo_api::structs::OAuthTokenRequest::Confidential { + client_id: &client_id, + client_secret: &client_secret, + code: &code, + redirect_uri: url::Url::parse("http://127.0.0.1:48879/").unwrap(), + }; + let token = api.oauth_get_access_token(request).await.unwrap(); + let token_api = + forgejo_api::Forgejo::new(forgejo_api::Auth::OAuth2(&token.access_token), url.clone()) + .unwrap(); + let myself = token_api.user_get_current().await.unwrap(); + assert_eq!(myself.login.as_deref(), Some("TestingAdmin")); + + let request = forgejo_api::structs::OAuthTokenRequest::Refresh { + refresh_token: &token.refresh_token, + client_id: &client_id, + client_secret: &client_secret, + }; + let token = token_api.oauth_get_access_token(request).await.unwrap(); + let token_api = + forgejo_api::Forgejo::new(forgejo_api::Auth::OAuth2(&token.access_token), url).unwrap(); + let myself = token_api.user_get_current().await.unwrap(); + assert_eq!(myself.login.as_deref(), Some("TestingAdmin")); +} |