91c759f455
Single-package agentidp SDK in sdk-go/: - AgentIdPClient composing AgentRegistryClient, CredentialClient, TokenServiceClient, AuditClient — all 14 endpoints covered - Goroutine-safe TokenManager (sync.Mutex) with 60s refresh buffer - AgentIdPError implementing error interface with Code/HTTPStatus/Details - Context-aware: all service methods take context.Context as first arg - doRequest shared helper; token endpoints use form-encoded POST directly - go vet: 0 warnings | staticcheck: 0 warnings - go test ./...: 37/37 passed | coverage: 81.0% (>80% gate) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
109 lines
3.3 KiB
Go
109 lines
3.3 KiB
Go
package agentidp
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
)
|
|
|
|
func TestTokenServiceClient_IntrospectToken_Active(t *testing.T) {
|
|
introspectResp := map[string]interface{}{
|
|
"active": true,
|
|
"sub": "uuid-1",
|
|
"exp": 9999999999,
|
|
}
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if r.Method != http.MethodPost || r.URL.Path != "/api/v1/token/introspect" {
|
|
t.Errorf("unexpected: %s %s", r.Method, r.URL.Path)
|
|
}
|
|
if ct := r.Header.Get("Content-Type"); ct != "application/x-www-form-urlencoded" {
|
|
t.Errorf("expected form content-type, got %q", ct)
|
|
}
|
|
if err := r.ParseForm(); err != nil {
|
|
t.Fatalf("parse form: %v", err)
|
|
}
|
|
if r.FormValue("token") == "" {
|
|
t.Error("missing 'token' form field")
|
|
}
|
|
w.Header().Set("Content-Type", "application/json")
|
|
_ = json.NewEncoder(w).Encode(introspectResp)
|
|
}))
|
|
defer srv.Close()
|
|
|
|
client := newTokenServiceClient(srv.URL, staticToken, &http.Client{})
|
|
result, err := client.IntrospectToken(context.Background(), "some-token")
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
if !result.Active {
|
|
t.Error("expected active=true")
|
|
}
|
|
if result.Sub == nil || *result.Sub != "uuid-1" {
|
|
t.Errorf("expected sub=uuid-1, got %v", result.Sub)
|
|
}
|
|
}
|
|
|
|
func TestTokenServiceClient_IntrospectToken_Inactive(t *testing.T) {
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
w.Header().Set("Content-Type", "application/json")
|
|
_ = json.NewEncoder(w).Encode(map[string]interface{}{"active": false})
|
|
}))
|
|
defer srv.Close()
|
|
|
|
client := newTokenServiceClient(srv.URL, staticToken, &http.Client{})
|
|
result, err := client.IntrospectToken(context.Background(), "expired-token")
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
if result.Active {
|
|
t.Error("expected active=false")
|
|
}
|
|
}
|
|
|
|
func TestTokenServiceClient_RevokeToken(t *testing.T) {
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if r.Method != http.MethodPost || r.URL.Path != "/api/v1/token/revoke" {
|
|
t.Errorf("unexpected: %s %s", r.Method, r.URL.Path)
|
|
}
|
|
if ct := r.Header.Get("Content-Type"); ct != "application/x-www-form-urlencoded" {
|
|
t.Errorf("expected form content-type, got %q", ct)
|
|
}
|
|
w.WriteHeader(200)
|
|
_, _ = w.Write([]byte("{}"))
|
|
}))
|
|
defer srv.Close()
|
|
|
|
client := newTokenServiceClient(srv.URL, staticToken, &http.Client{})
|
|
err := client.RevokeToken(context.Background(), "some-token")
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
}
|
|
|
|
func TestTokenServiceClient_IntrospectToken_Error(t *testing.T) {
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
w.Header().Set("Content-Type", "application/json")
|
|
w.WriteHeader(401)
|
|
_ = json.NewEncoder(w).Encode(map[string]string{
|
|
"code": "UnauthorizedError",
|
|
"message": "Invalid token.",
|
|
})
|
|
}))
|
|
defer srv.Close()
|
|
|
|
client := newTokenServiceClient(srv.URL, staticToken, &http.Client{})
|
|
_, err := client.IntrospectToken(context.Background(), "bad-token")
|
|
if err == nil {
|
|
t.Fatal("expected error, got nil")
|
|
}
|
|
apiErr, ok := err.(*AgentIdPError)
|
|
if !ok {
|
|
t.Fatalf("expected *AgentIdPError, got %T", err)
|
|
}
|
|
if apiErr.HTTPStatus != 401 {
|
|
t.Errorf("expected 401, got %d", apiErr.HTTPStatus)
|
|
}
|
|
}
|