Rewrite and enable OAuth2ImplicitGrantTests

Author: DominikPalo

OAuth2.xcodeproj/project.pbxproj

@@ -46,6 +46,7 @@
 		879EE6F72CF61295008B3D74 /* OAuth2TokenTypeIdentifiers.swift in Sources */ = {isa = PBXBuildFile; fileRef = 879EE6EE2CF61295008B3D74 /* OAuth2TokenTypeIdentifiers.swift */; };
 		879EE6F82CF61295008B3D74 /* OAuth2GrantTypes.swift in Sources */ = {isa = PBXBuildFile; fileRef = 879EE6EC2CF61295008B3D74 /* OAuth2GrantTypes.swift */; };
 		87B3E07C29F6AF240075C4DC /* OAuth2DeviceGrantTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 87B3E07B29F6AF240075C4DC /* OAuth2DeviceGrantTests.swift */; };
+		87FABDD32DC8D77000E0C67B /* XCTAssertThrowsErrorAsync.swift in Sources */ = {isa = PBXBuildFile; fileRef = 87FABDD22DC8D77000E0C67B /* XCTAssertThrowsErrorAsync.swift */; };
 		CCCE40D6B4EAD9BF05C92ACE /* OAuth2CustomAuthorizer+iOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = CCCE4C8DC3CB7713E59BC1EE /* OAuth2CustomAuthorizer+iOS.swift */; };
 		DD0CCBAD1C4DC83A0044C4E3 /* OAuth2WebViewController+macOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = DD0CCBAC1C4DC83A0044C4E3 /* OAuth2WebViewController+macOS.swift */; };
 		EA9758181B222CEA007744B1 /* OAuth2PasswordGrant.swift in Sources */ = {isa = PBXBuildFile; fileRef = EA9758171B222CEA007744B1 /* OAuth2PasswordGrant.swift */; };
@@ -187,6 +188,7 @@
 		879EE6ED2CF61295008B3D74 /* OAuth2ResponseTypes.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = OAuth2ResponseTypes.swift; sourceTree = "<group>"; };
 		879EE6EE2CF61295008B3D74 /* OAuth2TokenTypeIdentifiers.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = OAuth2TokenTypeIdentifiers.swift; sourceTree = "<group>"; };
 		87B3E07B29F6AF240075C4DC /* OAuth2DeviceGrantTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = OAuth2DeviceGrantTests.swift; sourceTree = "<group>"; };
+		87FABDD22DC8D77000E0C67B /* XCTAssertThrowsErrorAsync.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = XCTAssertThrowsErrorAsync.swift; sourceTree = "<group>"; };
 		CCCE4C8DC3CB7713E59BC1EE /* OAuth2CustomAuthorizer+iOS.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "OAuth2CustomAuthorizer+iOS.swift"; sourceTree = "<group>"; };
 		DD0CCBAC1C4DC83A0044C4E3 /* OAuth2WebViewController+macOS.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "OAuth2WebViewController+macOS.swift"; sourceTree = "<group>"; };
 		EA9758171B222CEA007744B1 /* OAuth2PasswordGrant.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; lineEnding = 0; path = OAuth2PasswordGrant.swift; sourceTree = "<group>"; xcLanguageSpecificationIdentifier = xcode.lang.swift; };
@@ -305,6 +307,14 @@
 			path = Constants;
 			sourceTree = "<group>";
 		};
+		87FABDD52DC8D7C300E0C67B /* Utils */ = {
+			isa = PBXGroup;
+			children = (
+				87FABDD22DC8D77000E0C67B /* XCTAssertThrowsErrorAsync.swift */,
+			);
+			path = Utils;
+			sourceTree = "<group>";
+		};
 		EE2486281AC85DD4002B31AF /* iOS */ = {
 			isa = PBXGroup;
 			children = (
@@ -474,6 +484,7 @@
 				EE4EBD801D7FF38200E6A9CA /* Flows */,
 				EEB9A9811D86CD540022EF66 /* DataLoader */,
 				EEE209A419427DFE00736F1A /* Supporting Files */,
+				87FABDD52DC8D7C300E0C67B /* Utils */,
 			);
 			path = Tests;
 			sourceTree = "<group>";
@@ -806,6 +817,7 @@
 			buildActionMask = 2147483647;
 			files = (
 				EE4EBD8D1D7FF38200E6A9CA /* OAuth2PasswordGrantTests.swift in Sources */,
+				87FABDD32DC8D77000E0C67B /* XCTAssertThrowsErrorAsync.swift in Sources */,
 				EE4EBD881D7FF38200E6A9CA /* OAuth2AuthRequestTests.swift in Sources */,
 				EE4EBD891D7FF38200E6A9CA /* OAuth2ClientCredentialsTests.swift in Sources */,
 				871279852DB7DD1B00A5AF72 /* OAuth2ExchangeAccessTokenForResourceTests.swift in Sources */,

Tests/FlowTests/OAuth2CodeGrantTests.swift

@@ -376,7 +376,7 @@ class OAuth2CodeGrantTests: XCTestCase {
 		XCTAssertEqual(comp.host!, "auth.ful.io", "Correct host")
 	}
 
-	func testTokenResponse() async {
+	func testTokenResponse() async throws {
 		let settings = [
 			"client_id": "abc",
 			"client_secret": "xyz",
@@ -471,21 +471,16 @@ class OAuth2CodeGrantTests: XCTestCase {
 		performer.responseJSON = response
 		performer.responseStatus = 403
 		oauth.context.redirectURL = "https://localhost"
-//		oauth.didAuthorizeOrFail = { json, error in
-//			XCTAssertNil(json)
-//			XCTAssertNotNil(error)
-//			XCTAssertEqual(OAuth2Error.forbidden, error)
-//		}
-		await oauth.exchangeCodeForToken("MNOP")
+
+		await XCTAssertThrowsErrorAsync(try await oauth.exchangeCodeForToken("MNOP")) { error in
+			XCTAssertEqual(OAuth2Error.forbidden, error.asOAuth2Error)
+		}
 
 		// test round trip - should succeed because of good HTTP status
 		performer.responseStatus = 301
-//		oauth.didAuthorizeOrFail = { json, error in
-//			XCTAssertNotNil(json)
-//			XCTAssertNil(error)
-//			XCTAssertEqual("tGzv3JOkF0XG5Qx2TlKWIA", json?["refresh_token"] as? String)
-//		}
-		await oauth.exchangeCodeForToken("MNOP")
+
+		let json = try await oauth.exchangeCodeForToken("MNOP")
+		XCTAssertEqual("tGzv3JOkF0XG5Qx2TlKWIA", json["refresh_token"] as? String)
 	}
 }
 

Tests/FlowTests/OAuth2ImplicitGrantTests.swift

@@ -31,138 +31,109 @@ import OAuth2
 #endif
 
 
-//class OAuth2ImplicitGrantTests: XCTestCase
-//{
-//	func testInit() {
-//		let oauth = OAuth2ImplicitGrant(settings: [
-//			"client_id": "abc",
-//			"keychain": false,
-//			"authorize_uri": "https://auth.ful.io",
-//		])
-//		XCTAssertEqual(oauth.clientId, "abc", "Must init `client_id`")
-//		XCTAssertNil(oauth.scope, "Empty scope")
-//		
-//		XCTAssertEqual(oauth.authURL, URL(string: "https://auth.ful.io")!, "Must init `authorize_uri`")
-//	}
-//	
-//	func testReturnURLHandling() {
-//		let oauth = OAuth2ImplicitGrant(settings: [
-//			"client_id": "abc",
-//			"authorize_uri": "https://auth.ful.io",
-//			"keychain": false,
-//		])
-//		
-//		// Empty redirect URL
-//		oauth.didAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNil(authParameters, "Nil auth dict expected")
-//			XCTAssertNotNil(error, "Error message expected")
-//			XCTAssertEqual(error, OAuth2Error.invalidRedirectURL("file:///"))
-//		}
-//		oauth.afterAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNil(authParameters, "Nil auth dict expected")
-//			XCTAssertNotNil(error, "Error message expected")
-//		}
-//		oauth.context._state = "ONSTUH"
-//		oauth.handleRedirectURL(URL(string: "file:///")!)
-//		XCTAssertNil(oauth.accessToken, "Must not have an access token")
-//		
-//		// No params in redirect URL
-//		oauth.didAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNil(authParameters, "Nil auth dict expected")
-//			XCTAssertNotNil(error, "Error message expected")
-//			XCTAssertEqual(error, OAuth2Error.invalidRedirectURL("https://auth.ful.io"))
-//		}
-//		oauth.handleRedirectURL(URL(string: "https://auth.ful.io")!)
-//		XCTAssertNil(oauth.accessToken, "Must not have an access token")
-//		
-//		// standard error
-//		oauth.context._state = "ONSTUH"		// because it has been reset
-//		oauth.didAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNil(authParameters, "Nil auth dict expected")
-//			XCTAssertNotNil(error, "Error message expected")
-//			XCTAssertEqual(error, OAuth2Error.accessDenied(nil))
-//			XCTAssertEqual(error?.description, "The resource owner or authorization server denied the request.")
-//		}
-//		oauth.handleRedirectURL(URL(string: "https://auth.ful.io#error=access_denied")!)
-//		XCTAssertNil(oauth.accessToken, "Must not have an access token")
-//		
-//		// explicit error
-//		oauth.context._state = "ONSTUH"		// because it has been reset
-//		oauth.didAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNil(authParameters, "Nil auth dict expected")
-//			XCTAssertNotNil(error, "Error message expected")
-//			XCTAssertNotEqual(error, OAuth2Error.generic("Not good"))
-//			XCTAssertEqual(error, OAuth2Error.responseError("Not good"))
-//			XCTAssertEqual(error?.description, "Not good")
-//		}
-//		oauth.handleRedirectURL(URL(string: "https://auth.ful.io#error_description=Not+good")!)
-//		XCTAssertNil(oauth.accessToken, "Must not have an access token")
-//		
-//		// no token type
-//		oauth.context._state = "ONSTUH"		// because it has been reset
-//		oauth.didAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNil(authParameters, "Nil auth dict expected")
-//			XCTAssertNotNil(error, "Error message expected")
-//			XCTAssertEqual(error, OAuth2Error.noTokenType)
-//		}
-//		oauth.handleRedirectURL(URL(string: "https://auth.ful.io#access_token=abc&state=\(oauth.context.state)")!)
-//		XCTAssertNil(oauth.accessToken, "Must not have an access token")
-//		
-//		// unsupported token type
-//		oauth.context._state = "ONSTUH"		// because it has been reset
-//		oauth.didAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNil(authParameters, "Nil auth dict expected")
-//			XCTAssertNotNil(error, "Error message expected")
-//			XCTAssertEqual(error, OAuth2Error.unsupportedTokenType("Only “bearer” token is supported, but received “helicopter”"))
-//		}
-//		oauth.handleRedirectURL(URL(string: "https://auth.ful.io#token_type=helicopter&access_token=abc&state=\(oauth.context.state)")!)
-//		XCTAssertNil(oauth.accessToken, "Must not have an access token")
-//		
-//		// Missing state
-//		oauth.context._state = "ONSTUH"		// because it has been reset
-//		oauth.didAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNil(authParameters, "Nil auth dict expected")
-//			XCTAssertNotNil(error, "Error message expected")
-//			XCTAssertEqual(error, OAuth2Error.missingState)
-//		}
-//		oauth.handleRedirectURL(URL(string: "https://auth.ful.io#token_type=bearer&access_token=abc")!)
-//		XCTAssertNil(oauth.accessToken, "Must not have an access token")
-//		
-//		// Invalid state
-//		oauth.context._state = "ONSTUH"		// because it has been reset
-//		oauth.didAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNil(authParameters, "Nil auth dict expected")
-//			XCTAssertNotNil(error, "Error message expected")
-//			XCTAssertEqual(error, OAuth2Error.invalidState)
-//		}
-//		oauth.handleRedirectURL(URL(string: "https://auth.ful.io#token_type=bearer&access_token=abc&state=ONSTOH")!)
-//		XCTAssertNil(oauth.accessToken, "Must not have an access token")
-//		
-//		// success 1
-//		oauth.didAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNotNil(authParameters, "auth parameters expected")
-//			XCTAssertNil(error, "No error message expected")
-//		}
-//		oauth.afterAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNotNil(authParameters, "auth parameters expected")
-//			XCTAssertNil(error, "No error message expected")
-//		}
-//		oauth.handleRedirectURL(URL(string: "https://auth.ful.io#token_type=bearer&access_token=abc&state=\(oauth.context.state)&expires_in=3599")!)
-//		XCTAssertNotNil(oauth.accessToken, "Must have an access token")
-//		XCTAssertEqual(oauth.accessToken!, "abc")
-//		XCTAssertNotNil(oauth.accessTokenExpiry)
-//		XCTAssertTrue(oauth.hasUnexpiredAccessToken())
-//		
-//		// success 2
-//		oauth.didAuthorizeOrFail = { authParameters, error in
-//			XCTAssertNotNil(authParameters, "auth parameters expected")
-//			XCTAssertNil(error, "No error message expected")
-//		}
-//		oauth.handleRedirectURL(URL(string: "https://auth.ful.io#token_type=bearer&access_token=abc&state=\(oauth.context.state)")!)
-//		XCTAssertNotNil(oauth.accessToken, "Must have an access token")
-//		XCTAssertEqual(oauth.accessToken!, "abc")
-//		XCTAssertNil(oauth.accessTokenExpiry)
-//		XCTAssertTrue(oauth.hasUnexpiredAccessToken())
-//	}
-//}
-
+@OAuth2Actor
+class OAuth2ImplicitGrantTests: XCTestCase
+{
+	func testInit() {
+		let oauth = OAuth2ImplicitGrant(settings: [
+			"client_id": "abc",
+			"keychain": false,
+			"authorize_uri": "https://auth.ful.io",
+		])
+		XCTAssertEqual(oauth.clientId, "abc", "Must init `client_id`")
+		XCTAssertNil(oauth.scope, "Empty scope")
+		
+		XCTAssertEqual(oauth.authURL, URL(string: "https://auth.ful.io")!, "Must init `authorize_uri`")
+	}
+	
+	func testReturnURLHandling() async {
+		let oauth = OAuth2ImplicitGrant(settings: [
+			"client_id": "abc",
+			"authorize_uri": "https://auth.ful.io",
+			"keychain": false,
+		])
+		
+		// Empty redirect URL
+		oauth.afterAuthorizeOrFail = { authParameters, error in
+			XCTAssertNil(authParameters, "Nil auth dict expected")
+			XCTAssertNotNil(error, "Error message expected")
+		}
+	
+		oauth.context._state = "ONSTUH"
+		await XCTAssertThrowsErrorAsync(try await oauth.handleRedirectURL(URL(string: "file:///")!)) { error in
+			XCTAssertEqual(error.asOAuth2Error, OAuth2Error.invalidRedirectURL("file:///"))
+		}
+		XCTAssertNil(oauth.accessToken, "Must not have an access token")
+		
+		// No params in redirect URL
+		await XCTAssertThrowsErrorAsync(try await oauth.handleRedirectURL(URL(string: "https://auth.ful.io")!)) { error in
+			XCTAssertEqual(error.asOAuth2Error, OAuth2Error.invalidRedirectURL("https://auth.ful.io"))
+		}
+		XCTAssertNil(oauth.accessToken, "Must not have an access token")
+		
+		// standard error
+		oauth.context._state = "ONSTUH"		// because it has been reset
+		await XCTAssertThrowsErrorAsync(try await oauth.handleRedirectURL(URL(string: "https://auth.ful.io#error=access_denied")!)) { error in
+			XCTAssertEqual(error.asOAuth2Error, OAuth2Error.accessDenied(nil))
+			XCTAssertEqual(error.asOAuth2Error.description, "The resource owner or authorization server denied the request.")
+		}
+		XCTAssertNil(oauth.accessToken, "Must not have an access token")
+		
+		// explicit error
+		oauth.context._state = "ONSTUH"		// because it has been reset
+		await XCTAssertThrowsErrorAsync(try await oauth.handleRedirectURL(URL(string: "https://auth.ful.io#error_description=Not+good")!)) { error in
+			XCTAssertNotEqual(error.asOAuth2Error, OAuth2Error.generic("Not good"))
+			XCTAssertEqual(error.asOAuth2Error, OAuth2Error.responseError("Not good"))
+			XCTAssertEqual(error.asOAuth2Error.description, "Not good")
+		}
+		XCTAssertNil(oauth.accessToken, "Must not have an access token")
+		
+		// no token type
+		oauth.context._state = "ONSTUH"		// because it has been reset
+		await XCTAssertThrowsErrorAsync(try await oauth.handleRedirectURL(URL(string: "https://auth.ful.io#access_token=abc&state=\(oauth.context.state)")!)) { error in
+			XCTAssertEqual(error.asOAuth2Error, OAuth2Error.noTokenType)
+		}
+		XCTAssertNil(oauth.accessToken, "Must not have an access token")
+		
+		// unsupported token type
+		oauth.context._state = "ONSTUH"		// because it has been reset
+		await XCTAssertThrowsErrorAsync(try await oauth.handleRedirectURL(URL(string: "https://auth.ful.io#token_type=helicopter&access_token=abc&state=\(oauth.context.state)")!)) { error in
+			XCTAssertEqual(error.asOAuth2Error, OAuth2Error.unsupportedTokenType("Only “bearer” token is supported, but received “helicopter”"))
+		}
+		XCTAssertNil(oauth.accessToken, "Must not have an access token")
+		
+		// Missing state
+		oauth.context._state = "ONSTUH"		// because it has been reset
+		await XCTAssertThrowsErrorAsync(try await oauth.handleRedirectURL(URL(string: "https://auth.ful.io#token_type=bearer&access_token=abc")!)) { error in
+			XCTAssertEqual(error.asOAuth2Error, OAuth2Error.missingState)
+		}
+		XCTAssertNil(oauth.accessToken, "Must not have an access token")
+		
+		// Invalid state
+		oauth.context._state = "ONSTUH"		// because it has been reset
+		await XCTAssertThrowsErrorAsync(try await oauth.handleRedirectURL(URL(string: "https://auth.ful.io#token_type=bearer&access_token=abc&state=ONSTOH")!)) { error in
+			XCTAssertEqual(error.asOAuth2Error, OAuth2Error.invalidState)
+		}
+		XCTAssertNil(oauth.accessToken, "Must not have an access token")
+		
+		// success 1
+		oauth.afterAuthorizeOrFail = { authParameters, error in
+			XCTAssertNotNil(authParameters, "auth parameters expected")
+			XCTAssertNil(error, "No error message expected")
+		}
+		let authParameters1 = try? await oauth.handleRedirectURL(URL(string: "https://auth.ful.io#token_type=bearer&access_token=abc&state=\(oauth.context.state)&expires_in=3599")!)
+		XCTAssertNotNil(authParameters1, "auth parameters expected")
+		XCTAssertNotNil(oauth.accessToken, "Must have an access token")
+		XCTAssertEqual(oauth.accessToken!, "abc")
+		XCTAssertNotNil(oauth.accessTokenExpiry)
+		XCTAssertTrue(oauth.hasUnexpiredAccessToken())
+		
+		// success 2
+		let authParameters2 = try? await oauth.handleRedirectURL(URL(string: "https://auth.ful.io#token_type=bearer&access_token=abc&state=\(oauth.context.state)")!)
+		XCTAssertNotNil(authParameters2, "auth parameters expected")
+		XCTAssertNotNil(oauth.accessToken, "Must have an access token")
+		XCTAssertEqual(oauth.accessToken!, "abc")
+		XCTAssertNil(oauth.accessTokenExpiry)
+		XCTAssertTrue(oauth.hasUnexpiredAccessToken())
+	}
+}

Tests/Utils/XCTAssertThrowsErrorAsync.swift

@@ -0,0 +1,43 @@
+import XCTest
+import OAuth2
+
+/// Asserts that an asynchronous expression throws an error.
+/// (Intended to function as a drop-in asynchronous version of `XCTAssertThrowsError`.)
+///
+/// Example usage:
+///
+///     await assertThrowsAsyncError(
+///         try await sut.function()
+///     ) { error in
+///         XCTAssertEqual(error as? MyError, MyError.specificError)
+///     }
+///
+/// - Parameters:
+///   - expression: An asynchronous expression that can throw an error.
+///   - message: An optional description of a failure.
+///   - file: The file where the failure occurs.
+///     The default is the filename of the test case where you call this function.
+///   - line: The line number where the failure occurs.
+///     The default is the line number where you call this function.
+///   - errorHandler: An optional handler for errors that expression throws.
+@OAuth2Actor
+func XCTAssertThrowsErrorAsync<T: Sendable>(
+	_ expression: @autoclosure () async throws -> T,
+	_ message: @autoclosure () -> String = "",
+	file: StaticString = #filePath,
+	line: UInt = #line,
+	_ errorHandler: (_ error: Error) -> Void = { _ in }
+) async {
+	do {
+		_ = try await expression()
+		// expected error to be thrown, but it was not
+		let customMessage = message()
+		if customMessage.isEmpty {
+			XCTFail("Asynchronous call did not throw an error.", file: file, line: line)
+		} else {
+			XCTFail(customMessage, file: file, line: line)
+		}
+	} catch {
+		errorHandler(error)
+	}
+}