;; disfluid, implementation of the Solid specification ;; Copyright (C) 2020, 2021 Vivien Kraus ;; This program is free software: you can redistribute it and/or modify ;; it under the terms of the GNU Affero General Public License as ;; published by the Free Software Foundation, either version 3 of the ;; License, or (at your option) any later version. ;; This program is distributed in the hope that it will be useful, ;; but WITHOUT ANY WARRANTY; without even the implied warranty of ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;; GNU Affero General Public License for more details. ;; You should have received a copy of the GNU Affero General Public License ;; along with this program. If not, see . (use-modules (webid-oidc refresh-token) (webid-oidc testing) (webid-oidc errors) (webid-oidc jwk) (web uri) (srfi srfi-19) (web response) (ice-9 optargs) (ice-9 receive)) (define (issue-n-refresh-tokens key n) (if (<= n 0) '() (let ((next (issue-refresh-token (string->uri (format #f "https://subject-~a.com" (+ n 1))) (string->uri (format #f "https://client-~a.com" (+ n 1))) (jkt key)))) (cons next (issue-n-refresh-tokens key (- n 1)))))) (with-test-environment "too-many-refresh-tokens" (lambda () (let* ((key (generate-key #:n-size 2048)) (refresh-tokens (list->vector (issue-n-refresh-tokens key 21)))) (let ((first-refresh-token (vector-ref refresh-tokens 0)) (second-refresh-token (vector-ref refresh-tokens 20))) (with-exception-handler (lambda (error) (unless (invalid-refresh-token? error) (exit 1))) (lambda () (with-refresh-token first-refresh-token key (lambda (sub aud) ;; It has been made invalid! (exit 1)))) #:unwind? #t #:unwind-for-type &invalid-refresh-token) (unless (with-refresh-token second-refresh-token key (lambda (sub aud) (format (current-error-port) "~a / ~a\n" (uri->string sub) (uri->string aud)) (unless (equal? sub (string->uri "https://subject-2.com")) (exit 2)) (unless (equal? aud (string->uri "https://client-2.com")) (exit 3)))) (exit 4))))))