handlers: test utility to help request the admin API

2025-07-31 09:24:31 +03:00 · 2024-07-29 10:40:58 +02:00
parent 94004ce18c
commit 015f6e2455
1 changed files with 45 additions and 0 deletions
--- a/crates/handlers/src/test_utils.rs
+++ b/crates/handlers/src/test_utils.rs
@ -46,6 +46,7 @@ use mas_router::{SimpleRoute, UrlBuilder};
 use mas_storage::{clock::MockClock, BoxClock, BoxRepository, BoxRng};
 use mas_storage_pg::{DatabaseError, PgRepository};
 use mas_templates::{SiteConfigExt, Templates};
+use oauth2_types::{registration::ClientRegistrationResponse, requests::AccessTokenResponse};
 use rand::SeedableRng;
 use rand_chacha::ChaChaRng;
 use serde::{de::DeserializeOwned, Serialize};
@ -249,6 +250,7 @@ impl TestState {
            .merge(crate::compat_router())
            .merge(crate::human_router(self.templates.clone()))
            .merge(crate::graphql_router(false))
+            .merge(crate::admin_api_router().1)
            .with_state(self.clone())
            .into_service();

@ -274,6 +276,49 @@ impl TestState {
        Response::from_parts(parts, body)
    }

+    /// Get a token with the given scope
+    pub async fn token_with_scope(&mut self, scope: &str) -> String {
+        // Provision a client
+        let request =
+            Request::post(mas_router::OAuth2RegistrationEndpoint::PATH).json(serde_json::json!({
+                "client_uri": "https://example.com/",
+                "contacts": ["contact@example.com"],
+                "token_endpoint_auth_method": "client_secret_post",
+                "grant_types": ["client_credentials"],
+            }));
+        let response = self.request(request).await;
+        response.assert_status(StatusCode::CREATED);
+        let response: ClientRegistrationResponse = response.json();
+        let client_id = response.client_id;
+        let client_secret = response.client_secret.expect("to have a client secret");
+
+        // Make the client admin
+        let state = {
+            let mut state = self.clone();
+            state.policy_factory = policy_factory(serde_json::json!({
+                "admin_clients": [client_id],
+            }))
+            .await
+            .unwrap();
+            state
+        };
+
+        // Ask for a token with the admin scope
+        let request =
+            Request::post(mas_router::OAuth2TokenEndpoint::PATH).form(serde_json::json!({
+                "grant_type": "client_credentials",
+                "client_id": client_id,
+                "client_secret": client_secret,
+                "scope": scope,
+            }));
+
+        let response = state.request(request).await;
+        response.assert_status(StatusCode::OK);
+        let AccessTokenResponse { access_token, .. } = response.json();
+
+        access_token
+    }
+
    pub async fn repository(&self) -> Result<BoxRepository, DatabaseError> {
        let repo = PgRepository::from_pool(&self.pool).await?;
        Ok(repo.boxed())