OAuth 2.0 Authorization Server [MOD-559] (#733)

* WIP end-of-day push * Authorize endpoint, accept endpoints, DB stuff for oauth clients, their redirects, and client authorizations * OAuth Client create route * Get user clients * Client delete * Edit oauth client * Include redirects in edit client route * Database stuff for tokens * Reorg oauth stuff out of auth/flows and into its own module * Impl OAuth get access token endpoint * Accept oauth access tokens as auth and update through AuthQueue * User OAuth authorization management routes * Forgot to actually add the routes lol * Bit o cleanup * Happy path test for OAuth and minor fixes for things it found * Add dummy data oauth client (and detect/handle dummy data version changes) * More tests * Another test * More tests and reject endpoint * Test oauth client and authorization management routes * cargo sqlx prepare * dead code warning * Auto clippy fixes * Uri refactoring * minor name improvement * Don't compile-time check the test sqlx queries * Trying to fix db concurrency problem to get tests to pass * Try fix from test PR * Fixes for updated sqlx * Prevent restricted scopes from being requested or issued * Get OAuth client(s) * Remove joined oauth client info from authorization returns * Add default conversion to OAuthError::error so we can use ? * Rework routes * Consolidate scopes into SESSION_ACCESS * Cargo sqlx prepare * Parse to OAuthClientId automatically through serde and actix * Cargo clippy * Remove validation requiring 1 redirect URI on oauth client creation * Use serde(flatten) on OAuthClientCreationResult
2023-10-30 11:14:38 -05:00
parent 8803e11945
commit 6cfd4637db
54 changed files with 3658 additions and 135 deletions
--- a/tests/common/api_v2/project.rs
+++ b/tests/common/api_v2/project.rs
@@ -29,7 +29,7 @@ impl ApiV2 {
            .set_multipart(creation_data.segment_data)
            .to_request();
        let resp = self.call(req).await;
-        assert_status(resp, StatusCode::OK);
+        assert_status(&resp, StatusCode::OK);

        // Approve as a moderator.
        let req = TestRequest::patch()
@@ -42,7 +42,7 @@ impl ApiV2 {
            ))
            .to_request();
        let resp = self.call(req).await;
-        assert_status(resp, StatusCode::NO_CONTENT);
+        assert_status(&resp, StatusCode::NO_CONTENT);

        let project = self
            .get_project_deserialized(&creation_data.slug, pat)
@@ -82,16 +82,20 @@ impl ApiV2 {
        test::read_body_json(resp).await
    }

+    pub async fn get_user_projects(&self, user_id_or_username: &str, pat: &str) -> ServiceResponse {
+        let req = test::TestRequest::get()
+            .uri(&format!("/v2/user/{}/projects", user_id_or_username))
+            .append_header(("Authorization", pat))
+            .to_request();
+        self.call(req).await
+    }
+
    pub async fn get_user_projects_deserialized(
        &self,
        user_id_or_username: &str,
        pat: &str,
    ) -> Vec<Project> {
-        let req = test::TestRequest::get()
-            .uri(&format!("/v2/user/{}/projects", user_id_or_username))
-            .append_header(("Authorization", pat))
-            .to_request();
-        let resp = self.call(req).await;
+        let resp = self.get_user_projects(user_id_or_username, pat).await;
        assert_eq!(resp.status(), 200);
        test::read_body_json(resp).await
    }
--- a/tests/common/api_v2/team.rs
+++ b/tests/common/api_v2/team.rs
@@ -1,3 +1,4 @@
+use actix_http::StatusCode;
 use actix_web::{dev::ServiceResponse, test};
 use labrinth::models::{
    notifications::Notification,
@@ -5,6 +6,8 @@ use labrinth::models::{
 };
 use serde_json::json;

+use crate::common::asserts::assert_status;
+
 use super::ApiV2;

 impl ApiV2 {
@@ -114,16 +117,21 @@ impl ApiV2 {
        self.call(req).await
    }

+    pub async fn get_user_notifications(&self, user_id: &str, pat: &str) -> ServiceResponse {
+        let req = test::TestRequest::get()
+            .uri(&format!("/v2/user/{user_id}/notifications"))
+            .append_header(("Authorization", pat))
+            .to_request();
+        self.call(req).await
+    }
+
    pub async fn get_user_notifications_deserialized(
        &self,
        user_id: &str,
        pat: &str,
    ) -> Vec<Notification> {
-        let req = test::TestRequest::get()
-            .uri(&format!("/v2/user/{user_id}/notifications"))
-            .append_header(("Authorization", pat))
-            .to_request();
-        let resp = self.call(req).await;
+        let resp = self.get_user_notifications(user_id, pat).await;
+        assert_status(&resp, StatusCode::OK);
        test::read_body_json(resp).await
    }