fix: OAuth2RedirectTest (#1490)

membrane · Jan 17, 2025 · f579e32 · f579e32
1 parent bf2cf14
commit f579e32
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 13 deletions.
diff --git a/core/src/test/java/com/predic8/membrane/core/oauth2/OAuth2AuthFlowClient.java b/core/src/test/java/com/predic8/membrane/core/oauth2/OAuth2AuthFlowClient.java
@@ -13,21 +13,27 @@
    limitations under the License. */
 package com.predic8.membrane.core.oauth2;
 
-import io.restassured.response.*;
-import org.jetbrains.annotations.*;
+import com.predic8.membrane.core.resolver.ResolverMap;
+import io.restassured.filter.log.LogDetail;
+import io.restassured.filter.log.UrlDecoder;
+import io.restassured.response.Response;
+import org.jetbrains.annotations.NotNull;
 
+import java.nio.charset.StandardCharsets;
 import java.util.*;
 
+import static com.predic8.membrane.core.resolver.ResolverMap.combine;
 import static io.restassured.RestAssured.*;
-import static io.restassured.filter.log.LogDetail.*;
+import static io.restassured.filter.log.UrlDecoder.urlDecode;
+import static java.nio.charset.StandardCharsets.UTF_8;
 import static org.apache.http.HttpHeaders.*;
 import static org.hamcrest.Matchers.*;
 import static org.hamcrest.text.MatchesPattern.matchesPattern;
 
 public class OAuth2AuthFlowClient {
 
     private static final String CLIENT_BASE_URL = "http://localhost:2000";
-    private static final String CLIENT_URL = CLIENT_BASE_URL + "/a?b=c&d= ";
+    private static final String CLIENT_URL = CLIENT_BASE_URL + "/a?b=c&d=ä";
     private static final String AUTH_SERVER_URL = "http://localhost:2002";
 
     Map<String, String> cookies = new HashMap<>();
@@ -158,13 +164,26 @@ String step8redirectToClient() {
     }
 
     void step9exchangeCodeForToken(String location, String expectedBody) {
-        given()
+        String location2 = given()
             .redirects().follow(false)
             .cookies(memCookies)
         .when()
             .post(location)
         .then()
-            .log().ifValidationFails(BODY)
+            .log().ifValidationFails(LogDetail.ALL)
+            .statusCode(307)
+            .extract().response().getHeader(LOCATION);
+
+        // this is what browsers seem to do
+        location2 = urlDecode(combine(location, location2), UTF_8, true);
+
+        given()
+            .redirects().follow(false)
+            .cookies(memCookies)
+        .when()
+            .get(location2)
+        .then()
+            .log().ifValidationFails(LogDetail.ALL)
             .statusCode(200)
             .assertThat().body(is(expectedBody));
     }

diff --git a/core/src/test/java/com/predic8/membrane/core/oauth2/OAuth2RedirectTest.java b/core/src/test/java/com/predic8/membrane/core/oauth2/OAuth2RedirectTest.java
@@ -84,8 +84,8 @@ void testGet() {
         // Step 9: Exchange Code for Token & continue original request.·
         OAuth2.step9exchangeCodeForToken(
                 callbackUrl,
-                "GET / application/x-www-form-urlencoded; charset=ISO-8859-1 / "
-                // method is 'GET', Content-Type is x-www, body is empty
+                "GET | null | "
+                // method is 'GET', Content-Type is not set, body is empty
         );
 
         assertEquals(firstUrlHit.get(), targetUrlHit.get(), "Check that URL survived encoding.");
@@ -114,11 +114,11 @@ void testPost() {
         // Step 9: Exchange Code for Token & continue original request.·
         OAuth2.step9exchangeCodeForToken(
                 callbackUrl,
-                "POST / text/x-json; charset=ISO-8859-1 / [true]"
-                // method is POST, Content-Type text/x-json, body is '[true]'
+                "POST | text/x-json; charset=ISO-8859-1 | [true]"
+                // method is POST, Content-Type is 'text/x-json; charset=ISO-8859-1', body is '[true]'
         );
 
-        assertTrue(targetUrlHit.get().startsWith(firstUrlHit.get() + "&oa2redirect"), "Check that URL survived encoding.");
+        assertTrue(targetUrlHit.get().startsWith(firstUrlHit.get()), "Check that URL survived encoding.");
         assertEquals(firstUrlHit.get(), interceptorChainHit.get(), "Is interceptor chain correctly continued?");
     }
 
@@ -156,8 +156,8 @@ public Outcome handleRequest(Exchange exc) {
                 return Outcome.CONTINUE;
             }
         });
-        nginxRule.getInterceptors().add(createConditionalInterceptorWithReturnMessage("method == 'POST'", "POST / ${exc.request.header.getFirstValue('Content-Type')} / ${exc.request.body}"));
-        nginxRule.getInterceptors().add(createConditionalInterceptorWithReturnMessage("method == 'GET'", "GET / ${exc.request.header.getFirstValue('Content-Type')} / ${exc.request.body}"));
+        nginxRule.getInterceptors().add(createConditionalInterceptorWithReturnMessage("method == 'POST'", "POST | ${exc.request.header.getFirstValue('Content-Type')} | ${exc.request.body}"));
+        nginxRule.getInterceptors().add(createConditionalInterceptorWithReturnMessage("method == 'GET'", "GET | ${exc.request.header.getFirstValue('Content-Type')} | ${exc.request.body}"));
         nginxRule.getInterceptors().add(new ReturnInterceptor());
         return nginxRule;
     }