Skip to content

Commit ae754f4

Browse files
committed
chore: add OAuth2 device flow test scripts
Change-Id: Ic232851727e683ab3d8b7ce970c505588da2f827 Signed-off-by: Thomas Kosiewski <tk@coder.com>
1 parent bdc12a1 commit ae754f4

File tree

5 files changed

+426
-10
lines changed

5 files changed

+426
-10
lines changed

coderd/oauth2_test.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1576,7 +1576,7 @@ func TestOAuth2DeviceAuthorizationSimple(t *testing.T) {
15761576

15771577
client := coderdtest.New(t, nil)
15781578
coderdtest.CreateFirstUser(t, client)
1579-
ctx := testutil.Context(t, testutil.WaitLong)
1579+
ctx := t.Context()
15801580

15811581
// Create an OAuth2 app for testing
15821582
app, err := client.PostOAuth2ProviderApp(ctx, codersdk.PostOAuth2ProviderAppRequest{
@@ -1630,7 +1630,7 @@ func TestOAuth2DeviceAuthorization(t *testing.T) {
16301630

16311631
client := coderdtest.New(t, nil)
16321632
coderdtest.CreateFirstUser(t, client)
1633-
ctx := testutil.Context(t, testutil.WaitLong)
1633+
ctx := t.Context()
16341634

16351635
// Create an OAuth2 app for testing
16361636
app, err := client.PostOAuth2ProviderApp(ctx, codersdk.PostOAuth2ProviderAppRequest{

scripts/oauth2/README.md

Lines changed: 51 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -102,6 +102,39 @@ export STATE="your-state"
102102
go run ./scripts/oauth2/oauth2-test-server.go
103103
```
104104

105+
### `test-device-flow.sh`
106+
107+
Tests the OAuth2 Device Authorization Flow (RFC 8628) using the golang.org/x/oauth2 library. This flow is designed for devices that either lack a web browser or have limited input capabilities.
108+
109+
Usage:
110+
111+
```bash
112+
# First set up an app
113+
eval $(./scripts/oauth2/setup-test-app.sh)
114+
115+
# Run the device flow test
116+
./scripts/oauth2/test-device-flow.sh
117+
```
118+
119+
Features:
120+
121+
- Implements the complete device authorization flow
122+
- Uses the `/x/oauth2` library for OAuth2 operations
123+
- Displays user code and verification URL
124+
- Automatically polls for token completion
125+
- Tests the access token with an API call
126+
- Colored output for better readability
127+
128+
### `oauth2-device-flow.go`
129+
130+
A Go program that implements the OAuth2 device authorization flow. Used internally by `test-device-flow.sh` but can also be run standalone:
131+
132+
```bash
133+
export CLIENT_ID="your-client-id"
134+
export CLIENT_SECRET="your-client-secret"
135+
go run ./scripts/oauth2/oauth2-device-flow.go
136+
```
137+
105138
## Example Workflow
106139

107140
1. **Run automated tests:**
@@ -126,7 +159,23 @@ go run ./scripts/oauth2/oauth2-test-server.go
126159
./scripts/oauth2/cleanup-test-app.sh
127160
```
128161

129-
3. **Generate PKCE for custom testing:**
162+
3. **Device authorization flow testing:**
163+
164+
```bash
165+
# Create app
166+
eval $(./scripts/oauth2/setup-test-app.sh)
167+
168+
# Run the device flow test
169+
./scripts/oauth2/test-device-flow.sh
170+
# - Shows device code and verification URL
171+
# - Polls for authorization completion
172+
# - Tests access token
173+
174+
# Clean up when done
175+
./scripts/oauth2/cleanup-test-app.sh
176+
```
177+
178+
4. **Generate PKCE for custom testing:**
130179

131180
```bash
132181
./scripts/oauth2/generate-pkce.sh
@@ -147,4 +196,5 @@ All scripts respect these environment variables:
147196
- Metadata: `GET /.well-known/oauth-authorization-server`
148197
- Authorization: `GET/POST /oauth2/authorize`
149198
- Token: `POST /oauth2/token`
199+
- Device Authorization: `POST /oauth2/device`
150200
- Apps API: `/api/v2/oauth2-provider/apps`

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy