mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00

test: add resource test cases for token exchange (#6216)

* feat(core): handle dpop and client certificate for token exchange

* refactor(core): refactor organizations in grants

* test: add resource test cases for token exchange
wangsijie 2024-07-12 14:56:11 +08:00 committed by GitHub
parent 608349e8ea
commit 485b0a6915
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -207,6 +207,47 @@ describe('Token Exchange', () => {
}); });
}); });
describe('get access token for resource', () => {
it('should exchange an access token with resource as `aud`', async () => {
const { subjectToken } = await createSubjectToken(testUserId);
const { access_token } = await oidcApi
.post('token', {
headers: formUrlEncodedHeaders,
body: new URLSearchParams({
client_id: testApplicationId,
grant_type: GrantType.TokenExchange,
subject_token: subjectToken,
subject_token_type: 'urn:ietf:params:oauth:token-type:access_token',
resource: testApiResourceInfo.indicator,
}),
})
.json<{ access_token: string }>();
expect(getAccessTokenPayload(access_token)).toHaveProperty(
'aud',
testApiResourceInfo.indicator
);
});
it('should fail with invalid resource', async () => {
const { subjectToken } = await createSubjectToken(testUserId);
await expect(
oidcApi.post('token', {
headers: formUrlEncodedHeaders,
body: new URLSearchParams({
client_id: testApplicationId,
grant_type: GrantType.TokenExchange,
subject_token: subjectToken,
subject_token_type: 'urn:ietf:params:oauth:token-type:access_token',
resource: 'invalid_resource',
}),
})
).rejects.toThrow();
});
});
describe('get access token for organization', () => { describe('get access token for organization', () => {
const scopeName = `read:${randomString()}`; const scopeName = `read:${randomString()}`;
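Review bot: The negative case `should fail with invalid resource` asserts only `).rejects.toThrow();`, so any rejection from the token endpoint makes it pass (a rejected subject token, a wrong client id, a transport error), not just the resource check. Pin the reason for the failure, for example `).rejects.toMatchObject({ response: { status: 400 } });` plus a check of the OAuth `error` field in the body. This assumes the HTTP client rejects with an error that carries the response. RFC 8707 names `invalid_target` for this case, but the code the server actually returns is not visible here and should be confirmed. Separately, `'invalid_resource'` is not an absolute URI, so it probably fails on syntax alone. A well-formed indicator that is not registered, or one the subject user has no access to, would exercise the audience restriction that this grant has to enforce. The enclosing `describe('Token Exchange', …)` starts outside the hunk.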