diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 08465b13..60d51c1d 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -27,17 +27,31 @@ There are two ways of running the tests: - `make test` - runs the tests with http recordings. To run a specific test pass the `FILTER` var. Usage `make test FILTER="TestResourceServer_Read"`. - `make test-e2e` - runs the tests against a real Auth0 tenant. To run a specific test pass the `FILTER` var. Usage `make test-record FILTER="TestResourceServer_Read"`. -To run the tests against an Auth0 tenant start by creating an -[M2M app](https://auth0.com/docs/applications/set-up-an-application/register-machine-to-machine-applications) in the -tenant, that has been authorized to request access tokens for the Management API and has all the required permissions. +### Running against an Auth0 tenant + +To run the tests against an Auth0 tenant start by creating an M2M app using `auth0 apps create --name go-auth0-mgmt-tests --description "App used for go-auth0 management tests" --type m2m`, then +run `auth0 apps open `. Authorize the Management API in the `APIs` tab and enable all permissions. Then create a local `.env` file in the `management` folder with the following settings: -* `AUTH0_DOMAIN`: The **Domain** of the M2M app +* `AUTH0_DOMAIN`: The **Domain** of the Auth0 tenant * `AUTH0_CLIENT_ID`: The **Client ID** of the M2M app * `AUTH0_CLIENT_SECRET`: The **Client Secret** of the M2M app * `AUTH0_DEBUG`: Set to `true` to call the Management API in debug mode, which dumps the HTTP requests and responses to the output + +Now for the Authentication tests create another M2M app using `auth0 apps create --name go-auth0-auth-tests --description "App used for go-auth0 authentication tests" --type m2m`, then run +`auth0 apps open `. Ensure all `Grant Types` except `Client Credentials` are enabled in `Advanced Settings`, then set the `Authentication Method` to `None` in the `Credentials` tab. + +Then create a local `.env` file in the `authentication` folder with the following settings: + +* `AUTH0_DOMAIN`: The **Domain** of the Auth0 tenant +* `AUTH0_CLIENT_ID`: The **Client ID** of the management M2M app +* `AUTH0_CLIENT_SECRET`: The **Client Secret** of the management M2M app +* `AUTH0_AUTH_CLIENT_ID`: The **Client ID** of the authentication M2M app +* `AUTH0_AUTH_CLIENT_SECRET`: The **Client Secret** of the authentication M2M app +* `AUTH0_DEBUG`: Set to `true` to call the Management API in debug mode, which dumps the HTTP requests and responses to the output + > **Note** > The http test recordings can be found in the [recordings](./test/data/recordings) folder. diff --git a/authentication/authentication_test.go b/authentication/authentication_test.go index 885c0e21..dcbdfdda 100644 --- a/authentication/authentication_test.go +++ b/authentication/authentication_test.go @@ -24,15 +24,19 @@ import ( "github.com/auth0/go-auth0/authentication/database" "github.com/auth0/go-auth0/authentication/oauth" "github.com/auth0/go-auth0/internal/client" + "github.com/auth0/go-auth0/management" ) var ( domain = os.Getenv("AUTH0_DOMAIN") clientID = os.Getenv("AUTH0_AUTH_CLIENT_ID") clientSecret = os.Getenv("AUTH0_AUTH_CLIENT_SECRET") + mgmtClientID = os.Getenv("AUTH0_CLIENT_ID") + mgmtClientSecret = os.Getenv("AUTH0_CLIENT_SECRET") httpRecordings = os.Getenv("AUTH0_HTTP_RECORDINGS") httpRecordingsEnabled = false authAPI = &Authentication{} + mgmtAPI = &management.Management{} jwtPublicKey = `-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8foXPIpkeLKAVfVg/W0X steFas2XwrxAGG0lnLS3mc/cYc/pD/plsR779O8It/2YmHFWIDmCIcW57boDae/K @@ -99,11 +103,20 @@ func initializeTestClient() { context.Background(), domain, WithClientID(clientID), - WithIDTokenSigningAlg("HS256"), + // WithIDTokenSigningAlg("HS256"), ) if err != nil { log.Fatal("failed to initialize the auth api client") } + + mgmtAPI, err = management.New( + domain, + management.WithClientCredentials(context.Background(), mgmtClientID, mgmtClientSecret), + ) + + if err != nil { + log.Fatal("failed to initialize the management api client") + } } func TestAuthenticationNew(t *testing.T) { @@ -188,7 +201,8 @@ func TestAuthenticationApiCallContextTimeout(t *testing.T) { } func TestUserInfo(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) user, err := authAPI.UserInfo(context.Background(), "test-access-token") @@ -487,3 +501,47 @@ func TestWithClockTolerance(t *testing.T) { }, oauth.IDTokenValidationOptions{}) assert.ErrorContains(t, err, "\"iat\" not satisfied") } + +func skipE2E(t *testing.T) { + t.Helper() + + if !httpRecordingsEnabled { + t.Skip("Skipped as cannot be test in E2E scenario") + } +} + +func usingRecordingResponses(t *testing.T) bool { + t.Helper() + + return httpRecordingsEnabled && domain == "go-auth0-dev.eu.auth0.com" +} + +func givenAUser(t *testing.T) userDetails { + t.Helper() + + if !usingRecordingResponses(t) { + user := &management.User{ + Connection: auth0.String("Username-Password-Authentication"), + Email: auth0.String("chuck@example.com"), + Password: auth0.String("Testpassword123!"), + Username: auth0.String("test-user"), + EmailVerified: auth0.Bool(true), + VerifyEmail: auth0.Bool(false), + } + + err := mgmtAPI.User.Create(context.Background(), user) + require.NoError(t, err) + + t.Cleanup(func() { + err := mgmtAPI.User.Delete(context.Background(), user.GetID()) + require.NoError(t, err) + }) + } + + return userDetails{ + connection: "Username-Password-Authentication", + email: "chuck@example.com", + password: "Testpassword123!", + username: "test-user", + } +} diff --git a/authentication/database_test.go b/authentication/database_test.go index d1f90e8a..843dd1a5 100644 --- a/authentication/database_test.go +++ b/authentication/database_test.go @@ -2,31 +2,39 @@ package authentication import ( "context" + "fmt" + "math/rand" "testing" + "time" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/auth0/go-auth0" "github.com/auth0/go-auth0/authentication/database" + "github.com/auth0/go-auth0/management" ) func TestDatabaseSignUp(t *testing.T) { - configureHTTPTestRecordings(t) + configureHTTPTestRecordings(t, authAPI) + + details := givenSignUpDetails(t) userData := database.SignupRequest{ - Connection: "Username-Password-Authentication", - Username: "mytestaccount", - Password: "mypassword", - Email: "mytestaccount@example.com", + Connection: details.connection, + Username: details.username, + Password: details.password, + Email: details.email, } createdUser, err := authAPI.Database.Signup(context.Background(), userData) - assert.NoError(t, err) + require.NoError(t, err) assert.NotEmpty(t, createdUser.ID) assert.Equal(t, userData.Username, createdUser.Username) } func TestDatabaseChangePassword(t *testing.T) { - configureHTTPTestRecordings(t) + configureHTTPTestRecordings(t, authAPI) resp, err := authAPI.Database.ChangePassword(context.Background(), database.ChangePasswordRequest{ Connection: "Username-Password-Authentication", @@ -36,3 +44,53 @@ func TestDatabaseChangePassword(t *testing.T) { assert.NoError(t, err) assert.Equal(t, "We've just sent you an email to reset your password.", resp) } + +type userDetails struct { + username string + password string + email string + connection string +} + +func givenSignUpDetails(t *testing.T) *userDetails { + t.Helper() + // If we're running from recordings then we want to return the default + if usingRecordingResponses(t) { + return &userDetails{ + username: "mytestaccount", + password: "mypassword", + email: "mytestaccount@example.com", + connection: "Username-Password-Authentication", + } + } + + conn := givenAConnection(t) + + return &userDetails{ + username: fmt.Sprintf("chuck%d", rand.Intn(999)), + password: "Passwords hide their chuck", + email: fmt.Sprintf("chuck%d@example.com", rand.Intn(999)), + connection: conn.GetName(), + } +} + +func givenAConnection(t *testing.T) management.Connection { + conn := &management.Connection{ + Name: auth0.Stringf("Test-Connection-%d", time.Now().Unix()), + Strategy: auth0.String("auth0"), + EnabledClients: &[]string{clientID, mgmtClientID}, + Options: &management.ConnectionOptions{ + RequiresUsername: auth0.Bool(true), + }, + } + + err := mgmtAPI.Connection.Create(context.Background(), conn) + require.NoError(t, err) + + t.Cleanup(func() { + err := mgmtAPI.Connection.Delete(context.Background(), conn.GetID()) + require.NoError(t, err) + }) + + return *conn +} diff --git a/authentication/http_recordings_test.go b/authentication/http_recordings_test.go index cc22533e..44fb975e 100644 --- a/authentication/http_recordings_test.go +++ b/authentication/http_recordings_test.go @@ -25,20 +25,20 @@ const ( recordingsDomain = "go-auth0-dev.eu.auth0.com" ) -func configureHTTPTestRecordings(t *testing.T) { +func configureHTTPTestRecordings(t *testing.T, auth *Authentication) { t.Helper() if !httpRecordingsEnabled { return } - initialTransport := authAPI.http.Transport + initialTransport := auth.http.Transport recorderTransport, err := recorder.NewWithOptions( &recorder.Options{ CassetteName: recordingsDIR + t.Name(), Mode: recorder.ModeRecordOnce, - RealTransport: authAPI.http.Transport, + RealTransport: auth.http.Transport, SkipRequestLatency: true, }, ) @@ -46,7 +46,7 @@ func configureHTTPTestRecordings(t *testing.T) { removeSensitiveDataFromRecordings(t, recorderTransport) - authAPI.http.Transport = recorderTransport + auth.http.Transport = recorderTransport // Set a custom matcher that will ensure the request body matches the recording. recorderTransport.SetMatcher(func(r *http.Request, i cassette.Request) bool { @@ -104,7 +104,7 @@ func configureHTTPTestRecordings(t *testing.T) { t.Cleanup(func() { err := recorderTransport.Stop() require.NoError(t, err) - authAPI.http.Transport = initialTransport + auth.http.Transport = initialTransport }) } @@ -195,7 +195,7 @@ func redactTokens(t *testing.T, i *cassette.Interaction) { require.NoError(t, err) tokenSet.AccessToken = "test-access-token" - tokenSet.IDToken = "test-id-token" + tokenSet.IDToken = "" // Unset IDToken rather than strip it as we don't want to verify it if tokenSet.RefreshToken != "" { tokenSet.RefreshToken = "test-refresh-token" diff --git a/authentication/oauth_test.go b/authentication/oauth_test.go index 25d1f31c..be9104c8 100644 --- a/authentication/oauth_test.go +++ b/authentication/oauth_test.go @@ -19,30 +19,36 @@ import ( ) func TestOAuthLoginWithPassword(t *testing.T) { + auth, err := New( + context.Background(), + domain, + WithClientID(clientID), + ) + require.NoError(t, err) t.Run("Should return tokens", func(t *testing.T) { - configureHTTPTestRecordings(t) + configureHTTPTestRecordings(t, auth) + user := givenAUser(t) - tokenSet, err := authAPI.OAuth.LoginWithPassword(context.Background(), oauth.LoginWithPasswordRequest{ - Username: "testuser", - Password: "testuser123", + tokenSet, err := auth.OAuth.LoginWithPassword(context.Background(), oauth.LoginWithPasswordRequest{ + Username: user.username, + Password: user.password, }, oauth.IDTokenValidationOptions{}) - assert.NoError(t, err) + require.NoError(t, err) assert.NotEmpty(t, tokenSet.AccessToken) assert.Equal(t, "Bearer", tokenSet.TokenType) }) t.Run("Should support passing extra options", func(t *testing.T) { - configureHTTPTestRecordings(t) + configureHTTPTestRecordings(t, auth) + user := givenAUser(t) - tokenSet, err := authAPI.OAuth.LoginWithPassword(context.Background(), oauth.LoginWithPasswordRequest{ - Username: "testuser", - Password: "testuser123", - Realm: "my-realm", + tokenSet, err := auth.OAuth.LoginWithPassword(context.Background(), oauth.LoginWithPasswordRequest{ + Username: user.username, + Password: user.password, Scope: "extra-scope", ExtraParameters: map[string]string{ "extra": "value", }, - Audience: "test-audience", }, oauth.IDTokenValidationOptions{}) assert.NoError(t, err) assert.NotEmpty(t, tokenSet.AccessToken) @@ -60,7 +66,7 @@ func TestLoginWithAuthCode(t *testing.T) { }) t.Run("Should throw for an invalid code", func(t *testing.T) { - configureHTTPTestRecordings(t) + configureHTTPTestRecordings(t, authAPI) _, err := authAPI.OAuth.LoginWithAuthCode(context.Background(), oauth.LoginWithAuthCodeRequest{ ClientAuthentication: oauth.ClientAuthentication{ @@ -73,7 +79,8 @@ func TestLoginWithAuthCode(t *testing.T) { }) t.Run("Should return tokens", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) tokenSet, err := authAPI.OAuth.LoginWithAuthCode(context.Background(), oauth.LoginWithAuthCodeRequest{ ClientAuthentication: oauth.ClientAuthentication{ @@ -88,7 +95,8 @@ func TestLoginWithAuthCode(t *testing.T) { }) t.Run("Should support setting a redirect uri", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) tokenSet, err := authAPI.OAuth.LoginWithAuthCode(context.Background(), oauth.LoginWithAuthCodeRequest{ ClientAuthentication: oauth.ClientAuthentication{ @@ -106,7 +114,7 @@ func TestLoginWithAuthCode(t *testing.T) { func TestLoginWithAuthCodeWithPKCE(t *testing.T) { t.Run("Should throw for an invalid code", func(t *testing.T) { - configureHTTPTestRecordings(t) + configureHTTPTestRecordings(t, authAPI) _, err := authAPI.OAuth.LoginWithAuthCodeWithPKCE(context.Background(), oauth.LoginWithAuthCodeWithPKCERequest{ Code: "test-invalid-code", @@ -117,7 +125,7 @@ func TestLoginWithAuthCodeWithPKCE(t *testing.T) { }) t.Run("Should throw for an invalid code verifier", func(t *testing.T) { - configureHTTPTestRecordings(t) + configureHTTPTestRecordings(t, authAPI) _, err := authAPI.OAuth.LoginWithAuthCodeWithPKCE(context.Background(), oauth.LoginWithAuthCodeWithPKCERequest{ Code: "test-code", @@ -128,7 +136,8 @@ func TestLoginWithAuthCodeWithPKCE(t *testing.T) { }) t.Run("Should return tokens", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) tokenSet, err := authAPI.OAuth.LoginWithAuthCodeWithPKCE(context.Background(), oauth.LoginWithAuthCodeWithPKCERequest{ Code: "test-code", @@ -141,7 +150,8 @@ func TestLoginWithAuthCodeWithPKCE(t *testing.T) { }) t.Run("Should support setting a redirect uri", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) tokenSet, err := authAPI.OAuth.LoginWithAuthCodeWithPKCE(context.Background(), oauth.LoginWithAuthCodeWithPKCERequest{ Code: "test-code", @@ -165,7 +175,8 @@ func TestLoginWithClientCredentials(t *testing.T) { }) t.Run("Should return tokens", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) tokenSet, err := authAPI.OAuth.LoginWithClientCredentials(context.Background(), oauth.LoginWithClientCredentialsRequest{ ClientAuthentication: oauth.ClientAuthentication{ @@ -180,7 +191,8 @@ func TestLoginWithClientCredentials(t *testing.T) { }) t.Run("Should allow overriding clientid", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) tokenSet, err := authAPI.OAuth.LoginWithClientCredentials(context.Background(), oauth.LoginWithClientCredentialsRequest{ ClientAuthentication: oauth.ClientAuthentication{ @@ -196,7 +208,7 @@ func TestLoginWithClientCredentials(t *testing.T) { }) t.Run("Should support using private key jwt auth", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) api, err := New( context.Background(), @@ -205,8 +217,8 @@ func TestLoginWithClientCredentials(t *testing.T) { WithClientID(clientID), WithClientAssertion(jwtPrivateKey, "RS256"), ) - require.NoError(t, err) + configureHTTPTestRecordings(t, api) tokenSet, err := api.OAuth.LoginWithClientCredentials(context.Background(), oauth.LoginWithClientCredentialsRequest{ Audience: "test-audience", @@ -218,7 +230,8 @@ func TestLoginWithClientCredentials(t *testing.T) { }) t.Run("Should support passing private key jwt auth", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) auth, err := createClientAssertion("RS256", jwtPrivateKey, clientID, "https://"+domain+"/") require.NoError(t, err) @@ -255,7 +268,8 @@ func TestLoginWithClientCredentials(t *testing.T) { }) t.Run("Should support passing an organization", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) tokenSet, err := authAPI.OAuth.LoginWithClientCredentials(context.Background(), oauth.LoginWithClientCredentialsRequest{ ClientAuthentication: oauth.ClientAuthentication{ @@ -273,7 +287,8 @@ func TestLoginWithClientCredentials(t *testing.T) { func TestRefreshToken(t *testing.T) { t.Run("Should return tokens", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) tokenSet, err := authAPI.OAuth.RefreshToken(context.Background(), oauth.RefreshTokenRequest{ RefreshToken: "test-refresh-token", @@ -287,7 +302,8 @@ func TestRefreshToken(t *testing.T) { }) t.Run("Should return tokens with reduced scopes", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) tokenSet, err := authAPI.OAuth.RefreshToken(context.Background(), oauth.RefreshTokenRequest{ RefreshToken: "test-refresh-token", @@ -304,7 +320,8 @@ func TestRefreshToken(t *testing.T) { func TestRevokeRefreshToken(t *testing.T) { t.Run("Should revoke token", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) err := authAPI.OAuth.RevokeRefreshToken(context.Background(), oauth.RevokeRefreshTokenRequest{ Token: "test-refresh-token", @@ -314,7 +331,7 @@ func TestRevokeRefreshToken(t *testing.T) { }) t.Run("Should support passing a ClientID and ClientSecret", func(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) auth, err := New( context.Background(), @@ -324,6 +341,7 @@ func TestRevokeRefreshToken(t *testing.T) { WithIDTokenSigningAlg("HS256"), ) assert.NoError(t, err) + configureHTTPTestRecordings(t, auth) err = auth.OAuth.RevokeRefreshToken(context.Background(), oauth.RevokeRefreshTokenRequest{ Token: "test-refresh-token", @@ -332,7 +350,7 @@ func TestRevokeRefreshToken(t *testing.T) { }) } -func TestWithIDTokenVerification(t *testing.T) { +func TestOAuthWithIDTokenVerification(t *testing.T) { t.Run("error for an invalid organization when using org_id", func(t *testing.T) { extras := map[string]interface{}{ "org_id": "org_123", diff --git a/authentication/passwordless_test.go b/authentication/passwordless_test.go index 22c5ccde..f24fb7ee 100644 --- a/authentication/passwordless_test.go +++ b/authentication/passwordless_test.go @@ -13,7 +13,8 @@ import ( ) func TestSendEmail(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) r, err := authAPI.Passwordless.SendEmail(context.Background(), passwordless.SendEmailRequest{ Email: "test-email@example.com", @@ -26,7 +27,8 @@ func TestSendEmail(t *testing.T) { } func TestLoginWithEmail(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) token, err := authAPI.Passwordless.LoginWithEmail(context.Background(), passwordless.LoginWithEmailRequest{ Code: "123456", @@ -41,7 +43,8 @@ func TestLoginWithEmail(t *testing.T) { } func TestSendSMS(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) r, err := authAPI.Passwordless.SendSMS(context.Background(), passwordless.SendSMSRequest{ PhoneNumber: "+123456789", @@ -53,7 +56,8 @@ func TestSendSMS(t *testing.T) { } func TestLoginWithSMS(t *testing.T) { - configureHTTPTestRecordings(t) + skipE2E(t) + configureHTTPTestRecordings(t, authAPI) token, err := authAPI.Passwordless.LoginWithSMS(context.Background(), passwordless.LoginWithSMSRequest{ PhoneNumber: "+123456789", @@ -69,6 +73,7 @@ func TestLoginWithSMS(t *testing.T) { func TestPasswordlessWithIDTokenVerification(t *testing.T) { t.Run("error for an invalid organization when using org_id", func(t *testing.T) { + skipE2E(t) extras := map[string]interface{}{ "org_id": "org_124", } @@ -86,6 +91,7 @@ func TestPasswordlessWithIDTokenVerification(t *testing.T) { }) t.Run("error for an invalid organization when using org_name", func(t *testing.T) { + skipE2E(t) extras := map[string]interface{}{ "org_name": "wrong-org", } @@ -103,6 +109,7 @@ func TestPasswordlessWithIDTokenVerification(t *testing.T) { }) t.Run("error for an invalid nonce", func(t *testing.T) { + skipE2E(t) extras := map[string]interface{}{ "nonce": "wrong-nonce", } @@ -120,6 +127,7 @@ func TestPasswordlessWithIDTokenVerification(t *testing.T) { }) t.Run("error for an invalid maxage", func(t *testing.T) { + skipE2E(t) extras := map[string]interface{}{ "auth_time": time.Now().Add(-500 * time.Second).Unix(), } @@ -139,8 +147,7 @@ func TestPasswordlessWithIDTokenVerification(t *testing.T) { func TestPasswordlessWithClientAssertion(t *testing.T) { t.Run("Should support using private key jwt auth", func(t *testing.T) { - configureHTTPTestRecordings(t) - + skipE2E(t) api, err := New( context.Background(), domain, @@ -150,6 +157,7 @@ func TestPasswordlessWithClientAssertion(t *testing.T) { ) require.NoError(t, err) + configureHTTPTestRecordings(t, api) r, err := api.Passwordless.SendSMS(context.Background(), passwordless.SendSMSRequest{ PhoneNumber: "+123456789", @@ -161,8 +169,7 @@ func TestPasswordlessWithClientAssertion(t *testing.T) { }) t.Run("Should support passing private key jwt auth", func(t *testing.T) { - configureHTTPTestRecordings(t) - + skipE2E(t) api, err := New( context.Background(), domain, @@ -170,6 +177,7 @@ func TestPasswordlessWithClientAssertion(t *testing.T) { WithClientID(clientID), ) require.NoError(t, err) + configureHTTPTestRecordings(t, api) auth, err := createClientAssertion("RS256", jwtPrivateKey, clientID, "https://"+domain+"/") require.NoError(t, err) diff --git a/test/data/recordings/authentication/TestOAuthLoginWithPassword/Should_return_tokens.yaml b/test/data/recordings/authentication/TestOAuthLoginWithPassword/Should_return_tokens.yaml index e10828ec..aa087519 100644 --- a/test/data/recordings/authentication/TestOAuthLoginWithPassword/Should_return_tokens.yaml +++ b/test/data/recordings/authentication/TestOAuthLoginWithPassword/Should_return_tokens.yaml @@ -6,22 +6,22 @@ interactions: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 101 + content_length: 109 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" - body: client_id=test-client_id&grant_type=password&password=testuser123&username=testuser + body: client_id=test-client_id&grant_type=password&password=Testpassword123%21&username=test-user form: client_id: - test-client_id grant_type: - password password: - - testuser123 + - Testpassword123! username: - - testuser + - test-user headers: Content-Type: - application/x-www-form-urlencoded @@ -35,10 +35,10 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"access_token":"test-access-token","expires_in":86400,"token_type":"Bearer"}' + body: '{"access_token":"test-access-token","expires_in":86400,"scope":"openid profile email address phone","token_type":"Bearer"}' headers: Content-Type: - application/json status: 200 OK code: 200 - duration: 330.676ms + duration: 511.569542ms diff --git a/test/data/recordings/authentication/TestOAuthLoginWithPassword/Should_support_passing_extra_options.yaml b/test/data/recordings/authentication/TestOAuthLoginWithPassword/Should_support_passing_extra_options.yaml index f3d77d22..38d7b78d 100644 --- a/test/data/recordings/authentication/TestOAuthLoginWithPassword/Should_support_passing_extra_options.yaml +++ b/test/data/recordings/authentication/TestOAuthLoginWithPassword/Should_support_passing_extra_options.yaml @@ -6,30 +6,26 @@ interactions: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 101 + content_length: 139 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" - body: client_id=test-client_id&extra=value&grant_type=http%3A%2F%2Fauth0.com%2Foauth%2Fgrant-type%2Fpassword-realm&password=testuser123&realm=my-realm&scope=extra-scope&username=testuser&audience=test-audience + body: client_id=test-client_id&extra=value&grant_type=password&password=Testpassword123%21&scope=extra-scope&username=test-user form: client_id: - test-client_id - grant_type: - - http://auth0.com/oauth/grant-type/password-realm extra: - value + grant_type: + - password password: - - testuser123 - username: - - testuser - realm: - - my-realm + - Testpassword123! scope: - extra-scope - audience: - - test-audience + username: + - test-user headers: Content-Type: - application/x-www-form-urlencoded @@ -49,4 +45,4 @@ interactions: - application/json status: 200 OK code: 200 - duration: 330.676ms + duration: 334.232958ms