Skip to content

Commit 6a01d0d

Browse files
ochafikochafik
committed
shrink token.test.ts
1 parent 9e2a565 commit 6a01d0d

File tree

2 files changed

+1
-69
lines changed

2 files changed

+1
-69
lines changed

src/client/auth.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -93,7 +93,7 @@ export async function auth(
9393
{ serverUrl,
9494
authorizationCode,
9595
scope,
96-
resourceMetadataUrl,
96+
resourceMetadataUrl
9797
}: {
9898
serverUrl: string | URL;
9999
authorizationCode?: string;

src/server/auth/handlers/token.test.ts

Lines changed: 0 additions & 68 deletions
Original file line numberDiff line numberDiff line change
@@ -307,74 +307,6 @@ describe('Token Handler', () => {
307307
);
308308
});
309309

310-
it('rejects invalid resource parameter (non-URL)', async () => {
311-
const response = await supertest(app)
312-
.post('/token')
313-
.type('form')
314-
.send({
315-
client_id: 'valid-client',
316-
client_secret: 'valid-secret',
317-
grant_type: 'authorization_code',
318-
code: 'valid_code',
319-
code_verifier: 'valid_verifier',
320-
resource: 'not-a-url'
321-
});
322-
323-
expect(response.status).toBe(400);
324-
expect(response.body.error).toBe('invalid_request');
325-
expect(response.body.error_description).toContain('resource');
326-
});
327-
328-
it('handles authorization code exchange without resource parameter', async () => {
329-
const mockExchangeCode = jest.spyOn(mockProvider, 'exchangeAuthorizationCode');
330-
331-
const response = await supertest(app)
332-
.post('/token')
333-
.type('form')
334-
.send({
335-
client_id: 'valid-client',
336-
client_secret: 'valid-secret',
337-
grant_type: 'authorization_code',
338-
code: 'valid_code',
339-
code_verifier: 'valid_verifier'
340-
});
341-
342-
expect(response.status).toBe(200);
343-
expect(mockExchangeCode).toHaveBeenCalledWith(
344-
validClient,
345-
'valid_code',
346-
undefined, // code_verifier is undefined after PKCE validation
347-
undefined, // redirect_uri
348-
undefined // resource parameter
349-
);
350-
});
351-
352-
it('passes resource with redirect_uri', async () => {
353-
const mockExchangeCode = jest.spyOn(mockProvider, 'exchangeAuthorizationCode');
354-
355-
const response = await supertest(app)
356-
.post('/token')
357-
.type('form')
358-
.send({
359-
client_id: 'valid-client',
360-
client_secret: 'valid-secret',
361-
grant_type: 'authorization_code',
362-
code: 'valid_code',
363-
code_verifier: 'valid_verifier',
364-
redirect_uri: 'https://example.com/callback',
365-
resource: 'https://api.example.com/resource'
366-
});
367-
368-
expect(response.status).toBe(200);
369-
expect(mockExchangeCode).toHaveBeenCalledWith(
370-
validClient,
371-
'valid_code',
372-
undefined, // code_verifier is undefined after PKCE validation
373-
'https://example.com/callback', // redirect_uri
374-
new URL('https://api.example.com/resource') // resource parameter
375-
);
376-
});
377-
378310
it('passes through code verifier when using proxy provider', async () => {
379311
const originalFetch = global.fetch;
380312

0 commit comments

Comments
 (0)