diff options
author | Vivien Kraus <vivien@planete-kraus.eu> | 2021-09-22 13:11:21 +0200 |
---|---|---|
committer | Vivien Kraus <vivien@planete-kraus.eu> | 2021-09-22 18:08:47 +0200 |
commit | 555e59deba33284067298ce6130c379c75e3d2a3 (patch) | |
tree | c15c823913e917bc474f1cf163caf65a117ee9c3 /tests/authorization-endpoint-submit-form.scm | |
parent | 0d74f8c1ca9c1e9bf9a04b85f598ba7a175d1d86 (diff) |
Use anonymous-http-request from (webid-oidc parameters) everywhere
Diffstat (limited to 'tests/authorization-endpoint-submit-form.scm')
-rw-r--r-- | tests/authorization-endpoint-submit-form.scm | 123 |
1 files changed, 61 insertions, 62 deletions
diff --git a/tests/authorization-endpoint-submit-form.scm b/tests/authorization-endpoint-submit-form.scm index 2fc7197..3de3e19 100644 --- a/tests/authorization-endpoint-submit-form.scm +++ b/tests/authorization-endpoint-submit-form.scm @@ -39,7 +39,6 @@ (define redirect (string->uri "https://authorization-endpoint-submit-form.scm/client/redirect")) (define password "p4ssw0rd") (define encrypted-password (crypt password "$6$this.is.the.salt")) - (define validity 120) (define what-uri-to-expect client) (define served (receive (response response-body) @@ -49,66 +48,66 @@ (cons response response-body))) (define the-response (car served)) (define the-response-body (cdr served)) - (define* (http-get uri #:key (headers '())) - (unless (equal? uri what-uri-to-expect) - (exit 2)) - (values the-response the-response-body)) - (define cached-http-get - (with-cache #:http-get http-get)) (define endpoint (make-authorization-endpoint - subject encrypted-password key validity - #:http-get cached-http-get)) - (receive (response response-body) - ;; The password is fake! - (parameterize ((p:current-date 0)) - (endpoint - (build-request (string->uri - (format #f "https://authorization-endpoint-submit-form.scm/authorize?client_id=~a&redirect_uri=~a" - (uri-encode (uri->string client)) - (uri-encode (uri->string redirect)))) - #:headers '((content-type application/x-www-form-urlencoded)) - #:method 'POST - #:port #t) - "password=fake")) - (when (eq? (response-code response) 302) - (exit 3))) - (receive (response response-body) - (parameterize ((p:current-date 0)) - (endpoint - (build-request (string->uri - (format #f "https://authorization-endpoint-submit-form.scm/authorize?client_id=~a&redirect_uri=~a" - (uri-encode (uri->string client)) - (uri-encode (uri->string redirect)))) - #:headers '((content-type application/x-www-form-urlencoded)) - #:method 'POST - #:port #t) - "password=p4ssw0rd")) - (unless (eq? (response-code response) 302) - (exit 4)) - (let ((loc (response-location response))) - (unless (uri? loc) - (exit 5)) - (let ((loc-scheme (uri-scheme loc)) - (loc-host (uri-host loc)) - (loc-path (uri-path loc)) - (loc-query (uri-query loc))) - (unless (eq? loc-scheme 'https) - (exit 6)) - (unless (string=? loc-host "authorization-endpoint-submit-form.scm") - (exit 7)) - (unless (string=? loc-path "/client/redirect") - (exit 8)) - (let* ((kv (string-split loc-query #\&)) - (args (map (lambda (x) - (map uri-decode (string-split x #\=))) - kv))) - (unless (assoc-ref args "code") - (exit 9)) - (let ((parsed - (parameterize ((p:current-date 60)) - (decode <authorization-code> - (car (assoc-ref args "code")) - #:issuer-key key)))) - (unless parsed - (exit 10))))))))) + subject encrypted-password key)) + (parameterize ((p:anonymous-http-request + (lambda* (uri #:key (headers '()) #:allow-other-keys) + (unless (equal? uri what-uri-to-expect) + (exit 2)) + (values the-response the-response-body)))) + (use-cache + (lambda () + (receive (response response-body) + ;; The password is fake! + (parameterize ((p:current-date 0)) + (endpoint + (build-request (string->uri + (format #f "https://authorization-endpoint-submit-form.scm/authorize?client_id=~a&redirect_uri=~a" + (uri-encode (uri->string client)) + (uri-encode (uri->string redirect)))) + #:headers '((content-type application/x-www-form-urlencoded)) + #:method 'POST + #:port #t) + "password=fake")) + (when (eq? (response-code response) 302) + (exit 3))) + (receive (response response-body) + (parameterize ((p:current-date 0)) + (endpoint + (build-request (string->uri + (format #f "https://authorization-endpoint-submit-form.scm/authorize?client_id=~a&redirect_uri=~a" + (uri-encode (uri->string client)) + (uri-encode (uri->string redirect)))) + #:headers '((content-type application/x-www-form-urlencoded)) + #:method 'POST + #:port #t) + "password=p4ssw0rd")) + (unless (eq? (response-code response) 302) + (exit 4)) + (let ((loc (response-location response))) + (unless (uri? loc) + (exit 5)) + (let ((loc-scheme (uri-scheme loc)) + (loc-host (uri-host loc)) + (loc-path (uri-path loc)) + (loc-query (uri-query loc))) + (unless (eq? loc-scheme 'https) + (exit 6)) + (unless (string=? loc-host "authorization-endpoint-submit-form.scm") + (exit 7)) + (unless (string=? loc-path "/client/redirect") + (exit 8)) + (let* ((kv (string-split loc-query #\&)) + (args (map (lambda (x) + (map uri-decode (string-split x #\=))) + kv))) + (unless (assoc-ref args "code") + (exit 9)) + (let ((parsed + (parameterize ((p:current-date 60)) + (decode <authorization-code> + (car (assoc-ref args "code")) + #:issuer-key key)))) + (unless parsed + (exit 10)))))))))))) |