Tests/OAuth.steps.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
Given 'the OAuth module is imported' {
    import-module $PSScriptRoot\..\PSSpotify.psd1 -Force -DisableNameChecking -Global
}

Given 'the OAuth API is available' {
    param($InputData)
    $global:Data = ConvertFrom-StringData $InputData
    $global:Cred = (import-clixml $Data["CredPath"])
    $global:TokenEndpoint = $Data["TokenEndpoint"]
    $global:AuthorizationEndpoint = $Data["AuthorizationEndpoint"]
    $global:RedirectUri = $Data["RedirectUri"]
    $global:RefreshToken = $Data["RefreshToken"]
    $global:Perms = $Data["Perms"]
}

Given 'the OAuth API is mocked' {
    $global:Cred = New-Object PSCredential -ArgumentList 'user', (ConvertTo-SecureString 'password' -AsPlainText -Force)
    $global:TokenEndpoint = "https://localhost/MockApi/token"
    $global:AuthorizationEndpoint = "https://localhost/authorize"
    $global:RedirectUri = "http://localhost:8001"
    $global:RefreshToken = "123"
    $global:AccessToken = "456"
    $global:AuthCode = "789"
    $global:Perms = "Scope1", "Scope2"

    mock -CommandName Invoke-RestMethod -ParameterFilter {$Uri -eq $global:TokenEndpoint} -MockWith {
        [pscustomobject]@{
            access_token  = $global:AccessToken
            refresh_token = $global:RefreshToken
            token_type    = "Bearer"
            expires_in    = 3600
            scope         = ($global:Perms -join ' ')
        }
    }

    mock -CommandName New-OAuthConfirmationWindow -MockWith {
        $global:AuthCode
    }
}

And 'an OAuth RefreshToken is specified' {
    $AccessTokenParams = @{
        TokenEndpoint  = $global:TokenEndpoint
        ClientidSecret = $global:Cred
        RefreshToken   = $global:RefreshToken
    }
}

But "an OAuth RefreshToken isn't specified" {
    $AuthCodeParams = @{
        AuthorizationEndpoint = $global:AuthorizationEndpoint
        RedirectUri           = $global:RedirectUri
        ClientidSecret        = $global:Cred
        Permissions           = $global:Perms
    }
    $AccessTokenParams = @{
        TokenEndpoint     = $global:TokenEndpoint
        ClientidSecret    = $global:Cred
        AuthorizationCode = $global:AuthCode
        RedirectUri       = $global:RedirectUri
    }
}

When 'I request an access token from the API' {
    $session = Get-AccessToken @AccessTokenParams
}

When 'I request an auth code from the API' {
    $AccessTokenParams["AuthorizationCode"] = Get-AuthorizationCode @AuthCodeParams
}

Then 'an OAuth Session object should be returned' {
    $Session | Should -Not -BeNullOrEmpty
}

And 'an OAuth Session object should be valid' {
    $Session.access_token | should -BeOfType string
    $Session.expires_in | should -BeOfType int
    $Session.token_Type | should -Be "Bearer"
    $Session.Scope | should -BeOfType string
}

And 'an OAuth Session object permissions should match' {
    param($Perm)
    $Session.Scope | should -BeLike "*$Perm*"
}