// Vikunja is a to-do list application to facilitate your life. // Copyright 2018-present Vikunja and contributors. All rights reserved. // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU Affero General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU Affero General Public License for more details. // // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . package oauth2server import ( "crypto/sha256" "encoding/base64" "testing" "github.com/stretchr/testify/assert" ) func TestVerifyPKCE(t *testing.T) { t.Run("valid S256 verifier", func(t *testing.T) { verifier := "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk" h := sha256.Sum256([]byte(verifier)) challenge := base64.RawURLEncoding.EncodeToString(h[:]) assert.True(t, VerifyPKCE(verifier, challenge, "S256")) }) t.Run("wrong verifier", func(t *testing.T) { verifier := "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk" h := sha256.Sum256([]byte(verifier)) challenge := base64.RawURLEncoding.EncodeToString(h[:]) assert.False(t, VerifyPKCE("wrong-verifier", challenge, "S256")) }) t.Run("unsupported method", func(t *testing.T) { assert.False(t, VerifyPKCE("verifier", "challenge", "plain")) }) t.Run("empty method", func(t *testing.T) { assert.False(t, VerifyPKCE("verifier", "challenge", "")) }) }