diff options
Diffstat (limited to 'tests/token-endpoint-refresh.scm')
-rw-r--r-- | tests/token-endpoint-refresh.scm | 56 |
1 files changed, 26 insertions, 30 deletions
diff --git a/tests/token-endpoint-refresh.scm b/tests/token-endpoint-refresh.scm index 2b5be1f..f3d9b52 100644 --- a/tests/token-endpoint-refresh.scm +++ b/tests/token-endpoint-refresh.scm @@ -23,6 +23,7 @@ (webid-oidc jti) (webid-oidc testing) ((webid-oidc stubs) #:prefix stubs:) + ((webid-oidc parameters) #:prefix p:) (web uri) (web request) (web response) @@ -41,47 +42,22 @@ (define client (string->uri "https://token-endpoint-issue.scm/client/card#app")) (define issuer (string->uri "https://issuer.token-endpoint-issue.scm")) (define validity 3600) - (define jti-list (make-jti-list)) (define refresh-code (issue-refresh-token subject client (jkt client-key))) - (define the-time 0) - (define (current-time) - (make-time time-utc 0 the-time)) (define endpoint (make-token-endpoint (string->uri "https://token-endpoint-issue.scm/token") - issuer alg key validity jti-list - #:current-time current-time)) + issuer alg key validity)) (receive (response response-body user error) ;; The refresh token is fake! (let ((dpop - (issue-dpop-proof - client-key - #:alg alg - #:htm 'POST - #:htu (string->uri - "https://token-endpoint-issue.scm/token") - #:iat (time-utc->date (make-time time-utc 0 0))))) - (set! the-time 0) - (endpoint - (build-request (string->uri - "http://localhost:8080/token") - #:headers `((content-type application/x-www-form-urlencoded) - (dpop . ,dpop)) - #:method 'POST - #:port #t) - "refresh_token=fake")) - (unless (eq? (response-code response) 400) - (exit 3)) - (receive (response response-body user error) - (let ((dpop + (parameterize ((p:current-date 0)) (issue-dpop-proof client-key #:alg alg #:htm 'POST #:htu (string->uri - "https://token-endpoint-issue.scm/token") - #:iat (time-utc->date (make-time time-utc 0 10))))) - (set! the-time 10) + "https://token-endpoint-issue.scm/token"))))) + (parameterize ((p:current-date 0)) (endpoint (build-request (string->uri "http://localhost:8080/token") @@ -89,7 +65,27 @@ (dpop . ,dpop)) #:method 'POST #:port #t) - (string-append "grant_type=refresh_token&refresh_token=" refresh-code))) + "refresh_token=fake"))) + (unless (eq? (response-code response) 400) + (exit 3)) + (receive (response response-body user error) + (let ((dpop + (parameterize ((p:current-date 10)) + (issue-dpop-proof + client-key + #:alg alg + #:htm 'POST + #:htu (string->uri + "https://token-endpoint-issue.scm/token"))))) + (parameterize ((p:current-date 10)) + (endpoint + (build-request (string->uri + "http://localhost:8080/token") + #:headers `((content-type application/x-www-form-urlencoded) + (dpop . ,dpop)) + #:method 'POST + #:port #t) + (string-append "grant_type=refresh_token&refresh_token=" refresh-code)))) (unless (eq? (response-code response) 200) (exit 4)) (unless (eq? (car (response-content-type response)) 'application/json) |