diff options
author | Tuomo Ala-Vannesluoma <tuomoav@gmail.com> | 2018-06-18 19:43:44 +0300 |
---|---|---|
committer | Tuomo Ala-Vannesluoma <tuomoav@gmail.com> | 2018-06-30 22:51:43 +0300 |
commit | 1b2c9bec53272e1f757015dcb28c835492b25ad0 (patch) | |
tree | 1865707567487d4eb716128c2010a0be83d0a03e /acceptance_test.go | |
parent | 5828ffbece3a751198a2f9a0c7c8b144d13179c4 (diff) |
Use header authentication instead of query parameter
Diffstat (limited to 'acceptance_test.go')
-rw-r--r-- | acceptance_test.go | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/acceptance_test.go b/acceptance_test.go index 78247f33..3e46a5f0 100644 --- a/acceptance_test.go +++ b/acceptance_test.go @@ -619,7 +619,7 @@ func TestWhenAuthDeniedWillCauseUnauthorized(t *testing.T) { skipUnlessEnabled(t) teardown := RunPagesProcess(t, *pagesBinary, listeners, "", "-auth-client-id=1", "-auth-client-secret=1", - "-auth-server=https://gitlab-example.com", + "-auth-server=https://gitlab-auth.com", "-auth-redirect-uri=https://gitlab-example.com/auth", "-auth-secret=something-very-secret") defer teardown() @@ -635,7 +635,7 @@ func TestWhenLoginCallbackWithWrongStateShouldFail(t *testing.T) { skipUnlessEnabled(t) teardown := RunPagesProcess(t, *pagesBinary, listeners, "", "-auth-client-id=1", "-auth-client-secret=1", - "-auth-server=https://gitlab-example.com", + "-auth-server=https://gitlab-auth.com", "-auth-redirect-uri=https://gitlab-example.com/auth", "-auth-secret=something-very-secret") defer teardown() @@ -658,7 +658,7 @@ func TestWhenLoginCallbackWithCorrectStateWithoutEndpoint(t *testing.T) { skipUnlessEnabled(t) teardown := RunPagesProcess(t, *pagesBinary, listeners, "", "-auth-client-id=1", "-auth-client-secret=1", - "-auth-server=https://gitlab-example.com", + "-auth-server=https://gitlab-auth.com", "-auth-redirect-uri=https://gitlab-example.com/auth", "-auth-secret=something-very-secret") defer teardown() @@ -694,7 +694,7 @@ func TestWhenLoginCallbackWithCorrectStateWithEndpointAndAccess(t *testing.T) { w.WriteHeader(http.StatusOK) fmt.Fprint(w, "{\"access_token\":\"abc\"}") case "/api/v4/projects/1000": - assert.Equal(t, "abc", r.URL.Query().Get("access_token")) + assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) default: t.Logf("Unexpected r.URL.RawPath: %q", r.URL.Path) @@ -752,7 +752,7 @@ func TestWhenLoginCallbackWithCorrectStateWithEndpointAndNoAccess(t *testing.T) w.WriteHeader(http.StatusOK) fmt.Fprint(w, "{\"access_token\":\"abc\"}") case "/api/v4/projects/1000": - assert.Equal(t, "abc", r.URL.Query().Get("access_token")) + assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) default: t.Logf("Unexpected r.URL.RawPath: %q", r.URL.Path) @@ -810,7 +810,7 @@ func TestWhenLoginCallbackWithCorrectStateWithEndpointButTokenIsInvalid(t *testi w.WriteHeader(http.StatusOK) fmt.Fprint(w, "{\"access_token\":\"abc\"}") case "/api/v4/projects/1000": - assert.Equal(t, "abc", r.URL.Query().Get("access_token")) + assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) fmt.Fprint(w, "{\"error\":\"invalid_token\"}") default: |