152d0cdec6
- 新增 Linux DO OAuth 配置项和环境变量支持 - 实现 OAuth 授权流程和回调处理 - 前端添加 Linux DO 登录按钮和回调页面 - 支持通过 Linux DO 账号注册/登录 - 添加相关国际化文本 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
75 lines
2.4 KiB
Go
75 lines
2.4 KiB
Go
package handler
|
|
|
|
import (
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/Wei-Shaw/sub2api/internal/config"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestSanitizeFrontendRedirectPath(t *testing.T) {
|
|
require.Equal(t, "/dashboard", sanitizeFrontendRedirectPath("/dashboard"))
|
|
require.Equal(t, "/dashboard", sanitizeFrontendRedirectPath(" /dashboard "))
|
|
require.Equal(t, "", sanitizeFrontendRedirectPath("dashboard"))
|
|
require.Equal(t, "", sanitizeFrontendRedirectPath("//evil.com"))
|
|
require.Equal(t, "", sanitizeFrontendRedirectPath("https://evil.com"))
|
|
require.Equal(t, "", sanitizeFrontendRedirectPath("/\nfoo"))
|
|
|
|
long := "/" + strings.Repeat("a", linuxDoOAuthMaxRedirectLen)
|
|
require.Equal(t, "", sanitizeFrontendRedirectPath(long))
|
|
}
|
|
|
|
func TestBuildBearerAuthorization(t *testing.T) {
|
|
auth, err := buildBearerAuthorization("", "token123")
|
|
require.NoError(t, err)
|
|
require.Equal(t, "Bearer token123", auth)
|
|
|
|
auth, err = buildBearerAuthorization("bearer", "token123")
|
|
require.NoError(t, err)
|
|
require.Equal(t, "Bearer token123", auth)
|
|
|
|
_, err = buildBearerAuthorization("MAC", "token123")
|
|
require.Error(t, err)
|
|
|
|
_, err = buildBearerAuthorization("Bearer", "token 123")
|
|
require.Error(t, err)
|
|
}
|
|
|
|
func TestLinuxDoParseUserInfoParsesIDAndUsername(t *testing.T) {
|
|
cfg := config.LinuxDoConnectConfig{
|
|
UserInfoURL: "https://connect.linux.do/api/user",
|
|
}
|
|
|
|
email, username, subject, err := linuxDoParseUserInfo(`{"id":123,"username":"alice"}`, cfg)
|
|
require.NoError(t, err)
|
|
require.Equal(t, "123", subject)
|
|
require.Equal(t, "alice", username)
|
|
require.Equal(t, "linuxdo-123@linuxdo-connect.invalid", email)
|
|
}
|
|
|
|
func TestLinuxDoParseUserInfoDefaultsUsername(t *testing.T) {
|
|
cfg := config.LinuxDoConnectConfig{
|
|
UserInfoURL: "https://connect.linux.do/api/user",
|
|
}
|
|
|
|
email, username, subject, err := linuxDoParseUserInfo(`{"id":"123"}`, cfg)
|
|
require.NoError(t, err)
|
|
require.Equal(t, "123", subject)
|
|
require.Equal(t, "linuxdo_123", username)
|
|
require.Equal(t, "linuxdo-123@linuxdo-connect.invalid", email)
|
|
}
|
|
|
|
func TestLinuxDoParseUserInfoRejectsUnsafeSubject(t *testing.T) {
|
|
cfg := config.LinuxDoConnectConfig{
|
|
UserInfoURL: "https://connect.linux.do/api/user",
|
|
}
|
|
|
|
_, _, _, err := linuxDoParseUserInfo(`{"id":"123@456"}`, cfg)
|
|
require.Error(t, err)
|
|
|
|
tooLong := strings.Repeat("a", linuxDoOAuthMaxSubjectLen+1)
|
|
_, _, _, err = linuxDoParseUserInfo(`{"id":"`+tooLong+`"}`, cfg)
|
|
require.Error(t, err)
|
|
}
|