Updated the test cases for CTE

pmathew92 · pmathew92 · commit e990a6d3e4f3 · 2025-12-09T16:17:17.000+05:30
diff --git a/auth0/src/test/java/com/auth0/android/authentication/AuthenticationAPIClientTest.kt b/auth0/src/test/java/com/auth0/android/authentication/AuthenticationAPIClientTest.kt
@@ -2298,7 +2298,7 @@ public class AuthenticationAPIClientTest {
     public fun shouldCustomTokenExchange() {
         mockAPI.willReturnSuccessfulLogin()
         val callback = MockAuthenticationCallback<Credentials>()
-        client.customTokenExchange("subject-token-type", "subject-token")
+        client.customTokenExchange("subject-token-type", "subject-token", "org_12345")
             .start(callback)
         ShadowLooper.idleMainLooper()
         val request = mockAPI.takeRequest()
@@ -2316,6 +2316,7 @@ public class AuthenticationAPIClientTest {
         )
         assertThat(body, Matchers.hasEntry("subject_token", "subject-token"))
         assertThat(body, Matchers.hasEntry("subject_token_type", "subject-token-type"))
+        assertThat(body, Matchers.hasEntry("organization", "org_12345"))
         assertThat(body, Matchers.hasEntry("scope", "openid profile email"))
         assertThat(
             callback, AuthenticationCallbackMatcher.hasPayloadOfType(
@@ -2328,7 +2329,7 @@ public class AuthenticationAPIClientTest {
     public fun shouldCustomTokenExchangeSync() {
         mockAPI.willReturnSuccessfulLogin()
         val credentials = client
-            .customTokenExchange("subject-token-type", "subject-token")
+            .customTokenExchange("subject-token-type", "subject-token", "org_abc")
             .execute()
         val request = mockAPI.takeRequest()
         assertThat(
@@ -2345,6 +2346,7 @@ public class AuthenticationAPIClientTest {
         )
         assertThat(body, Matchers.hasEntry("subject_token", "subject-token"))
         assertThat(body, Matchers.hasEntry("subject_token_type", "subject-token-type"))
+        assertThat(body, Matchers.hasEntry("organization", "org_abc"))
         assertThat(body, Matchers.hasEntry("scope", "openid profile email"))
         assertThat(credentials, Matchers.`is`(Matchers.notNullValue()))
     }
@@ -2371,10 +2373,97 @@ public class AuthenticationAPIClientTest {
         )
         assertThat(body, Matchers.hasEntry("subject_token", "subject-token"))
         assertThat(body, Matchers.hasEntry("subject_token_type", "subject-token-type"))
+        assertThat(body, Matchers.not(Matchers.hasKey("organization")))
         assertThat(body, Matchers.hasEntry("scope", "openid profile email"))
         assertThat(credentials, Matchers.`is`(Matchers.notNullValue()))
     }
 
+    @Test
+    public fun shouldFailCustomTokenExchangeWithReservedNamespace() {
+        val callback = MockAuthenticationCallback<Credentials>()
+        client.customTokenExchange("https://auth0.com", "subject-token")
+            .start(callback)
+        ShadowLooper.idleMainLooper()
+
+        assertThat(
+            callback.error.message,
+            Matchers.containsString("Invalid URI")
+        )
+        assertThat(callback.error.cause, Matchers.instanceOf(IllegalArgumentException::class.java))
+        assertThat(
+            callback.error.cause?.message,
+            Matchers.containsString("reserved namespace")
+        )
+    }
+
+    @Test
+    public fun shouldFailCustomTokenExchangeSyncWithReservedNamespace() {
+        val exception = assertThrows(AuthenticationException::class.java) {
+            client.customTokenExchange("urn:okta", "subject-token")
+                .execute()
+        }
+
+        assertThat(exception.message, Matchers.containsString("Invalid URI"))
+        assertThat(exception.cause, Matchers.instanceOf(IllegalArgumentException::class.java))
+        assertThat(
+            exception.cause?.message,
+            Matchers.containsString("reserved namespace")
+        )
+    }
+
+    @Test
+    @ExperimentalCoroutinesApi
+    public fun shouldFailCustomTokenExchangeAwaitWithReservedNamespace() {
+        val exception = assertThrows(AuthenticationException::class.java) {
+            runTest {
+                client.customTokenExchange("urn:auth0", "subject-token")
+                    .await()
+            }
+        }
+
+        assertThat(exception.message, Matchers.containsString("Invalid URI"))
+        assertThat(exception.cause, Matchers.instanceOf(IllegalArgumentException::class.java))
+        assertThat(
+            exception.cause?.message,
+            Matchers.containsString("reserved namespace")
+        )
+    }
+
+    @Test
+    public fun shouldFailCustomTokenExchangeWithInvalidHttpUri() {
+        val callback = MockAuthenticationCallback<Credentials>()
+        client.customTokenExchange("http://invalid uri with spaces", "subject-token")
+            .start(callback)
+        ShadowLooper.idleMainLooper()
+
+        assertThat(callback, AuthenticationCallbackMatcher.hasError(Credentials::class.java))
+        assertThat(
+            callback.error.message,
+            Matchers.containsString("Invalid URI")
+        )
+        assertThat(
+            callback.error.cause?.message,
+            Matchers.containsString("not a valid URI")
+        )
+    }
+
+    @Test
+    public fun shouldFailCustomTokenExchangeWithMalformedHttpsUri() {
+        val callback = MockAuthenticationCallback<Credentials>()
+        client.customTokenExchange("https://[invalid:uri:format", "subject-token")
+            .start(callback)
+        ShadowLooper.idleMainLooper()
+
+        assertThat(
+            callback.error.message,
+            Matchers.containsString("Invalid URI")
+        )
+        assertThat(
+            callback.error.cause?.message,
+            Matchers.containsString("not a valid URI")
+        )
+    }
+
     @Test
     public fun shouldSsoExchange() {
         mockAPI.willReturnSuccessfulLogin()
@@ -2871,7 +2960,10 @@ public class AuthenticationAPIClientTest {
         assertThat(request.path, Matchers.equalTo("/oauth/token"))
 
         val body = bodyFromRequest<String>(request)
-        assertThat(body, Matchers.hasEntry("grant_type", ParameterBuilder.GRANT_TYPE_AUTHORIZATION_CODE))
+        assertThat(
+            body,
+            Matchers.hasEntry("grant_type", ParameterBuilder.GRANT_TYPE_AUTHORIZATION_CODE)
+        )
         assertThat(body, Matchers.hasEntry("code", "auth-code"))
 
         // Verify that key pair generation was attempted
@@ -2935,7 +3027,10 @@ public class AuthenticationAPIClientTest {
         assertThat(request.path, Matchers.equalTo("/oauth/token"))
 
         val body = bodyFromRequest<String>(request)
-        assertThat(body, Matchers.hasEntry("grant_type", ParameterBuilder.GRANT_TYPE_TOKEN_EXCHANGE))
+        assertThat(
+            body,
+            Matchers.hasEntry("grant_type", ParameterBuilder.GRANT_TYPE_TOKEN_EXCHANGE)
+        )
         assertThat(body, Matchers.hasEntry("subject_token_type", "subject-token-type"))
 
         // Verify that key pair generation was attempted
@@ -3114,9 +3209,12 @@ public class AuthenticationAPIClientTest {
             client.useDPoP(mockContext).login(SUPPORT_AUTH0_COM, PASSWORD, MY_CONNECTION)
                 .execute()
         }
-        Assert.assertEquals("Key pair is not found in the keystore. Please generate a key pair first.", exception.message)
+        Assert.assertEquals(
+            "Key pair is not found in the keystore. Please generate a key pair first.",
+            exception.message
+        )
         assertThat(exception.cause, Matchers.notNullValue())
-        assertThat(exception.cause, Matchers.instanceOf(DPoPException::class.java   ))
+        assertThat(exception.cause, Matchers.instanceOf(DPoPException::class.java))
     }
 
     private fun <T> bodyFromRequest(request: RecordedRequest): Map<String, T> {
diff --git a/auth0/src/test/java/com/auth0/android/authentication/request/AuthenticationRequestMock.java b/auth0/src/test/java/com/auth0/android/authentication/request/AuthenticationRequestMock.java
@@ -7,8 +7,11 @@
 import com.auth0.android.callback.Callback;
 import com.auth0.android.request.AuthenticationRequest;
 import com.auth0.android.request.Request;
+import com.auth0.android.request.RequestValidator;
 import com.auth0.android.result.Credentials;
 
+import org.jetbrains.annotations.NotNull;
+
 import java.util.Map;
 
 public class AuthenticationRequestMock implements AuthenticationRequest {
@@ -112,4 +115,9 @@ public AuthenticationRequest withIdTokenVerificationLeeway(int leeway) {
     public AuthenticationRequest withIdTokenVerificationIssuer(@NonNull String issuer) {
         return this;
     }
+
+    @Override
+    public @NotNull AuthenticationRequest addValidator(@NotNull RequestValidator validator) {
+        return this;
+    }
 }
diff --git a/auth0/src/test/java/com/auth0/android/authentication/request/RequestMock.java b/auth0/src/test/java/com/auth0/android/authentication/request/RequestMock.java
@@ -4,8 +4,10 @@
 
 import com.auth0.android.Auth0Exception;
 import com.auth0.android.callback.Callback;
-import com.auth0.android.request.HttpMethod;
 import com.auth0.android.request.Request;
+import com.auth0.android.request.RequestValidator;
+
+import org.jetbrains.annotations.NotNull;
 
 import java.util.Map;
 
@@ -62,4 +64,9 @@ public T execute() throws Auth0Exception {
     public Request<T, U> addParameter(@NonNull String name, @NonNull Object value) {
         return this;
     }
+
+    @Override
+    public @NotNull Request<T, @NotNull U> addValidator(@NotNull RequestValidator validator) {
+        return this;
+    }
 }
