diff options
-rw-r--r-- | acceptance_test.go | 8 | ||||
-rw-r--r-- | internal/auth/auth.go | 14 | ||||
-rw-r--r-- | internal/auth/auth_test.go | 12 |
3 files changed, 17 insertions, 17 deletions
diff --git a/acceptance_test.go b/acceptance_test.go index 4a9c2f22..483f4295 100644 --- a/acceptance_test.go +++ b/acceptance_test.go @@ -684,16 +684,16 @@ func TestAccessControl(t *testing.T) { assert.Equal(t, "POST", r.Method) w.WriteHeader(http.StatusOK) fmt.Fprint(w, "{\"access_token\":\"abc\"}") - case "/api/v4/projects": + case "/api/v4/user": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) - case "/api/v4/projects/1000": + case "/api/v4/projects/1000/pages_access": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) - case "/api/v4/projects/2000": + case "/api/v4/projects/2000/pages_access": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) - case "/api/v4/projects/3000": + case "/api/v4/projects/3000/pages_access": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) fmt.Fprint(w, "{\"error\":\"invalid_token\"}") diff --git a/internal/auth/auth.go b/internal/auth/auth.go index 334a38db..dedb9341 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -16,12 +16,12 @@ import ( ) const ( - apiURLProjectsTemplate = "%s/api/v4/projects" - apiURLProjectTemplate = "%s/api/v4/projects/%d" - authorizeURLTemplate = "%s/oauth/authorize?client_id=%s&redirect_uri=%s&response_type=code&state=%s" - tokenURLTemplate = "%s/oauth/token" - tokenContentTemplate = "client_id=%s&client_secret=%s&code=%s&grant_type=authorization_code&redirect_uri=%s" - callbackPath = "/auth" + apiURLUserTemplate = "%s/api/v4/user" + apiURLProjectTemplate = "%s/api/v4/projects/%d/pages_access" + authorizeURLTemplate = "%s/oauth/authorize?client_id=%s&redirect_uri=%s&response_type=code&state=%s" + tokenURLTemplate = "%s/oauth/token" + tokenContentTemplate = "client_id=%s&client_secret=%s&code=%s&grant_type=authorization_code&redirect_uri=%s" + callbackPath = "/auth" ) // Auth handles authenticating users with GitLab API @@ -249,7 +249,7 @@ func (a *Auth) CheckAuthenticationWithoutProject(w http.ResponseWriter, r *http. } // Access token exists, authorize request - url := fmt.Sprintf(apiURLProjectsTemplate, a.gitLabServer) + url := fmt.Sprintf(apiURLUserTemplate, a.gitLabServer) req, err := http.NewRequest("GET", url, nil) if err != nil { diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index 69f1d731..f95583b3 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -69,7 +69,7 @@ func TestTryAuthenticateWithCodeAndState(t *testing.T) { assert.Equal(t, "POST", r.Method) w.WriteHeader(http.StatusOK) fmt.Fprint(w, "{\"access_token\":\"abc\"}") - case "/api/v4/projects/1000": + case "/api/v4/projects/1000/pages_access": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) default: @@ -108,7 +108,7 @@ func TestTryAuthenticateWithCodeAndState(t *testing.T) { func TestCheckAuthenticationWhenAccess(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case "/api/v4/projects/1000": + case "/api/v4/projects/1000/pages_access": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) default: @@ -145,7 +145,7 @@ func TestCheckAuthenticationWhenAccess(t *testing.T) { func TestCheckAuthenticationWhenNoAccess(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case "/api/v4/projects/1000": + case "/api/v4/projects/1000/pages_access": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) default: @@ -182,7 +182,7 @@ func TestCheckAuthenticationWhenNoAccess(t *testing.T) { func TestCheckAuthenticationWhenInvalidToken(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case "/api/v4/projects/1000": + case "/api/v4/projects/1000/pages_access": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) fmt.Fprint(w, "{\"error\":\"invalid_token\"}") @@ -220,7 +220,7 @@ func TestCheckAuthenticationWhenInvalidToken(t *testing.T) { func TestCheckAuthenticationWithoutProject(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case "/api/v4/projects": + case "/api/v4/user": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusOK) default: @@ -257,7 +257,7 @@ func TestCheckAuthenticationWithoutProject(t *testing.T) { func TestCheckAuthenticationWithoutProjectWhenInvalidToken(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { - case "/api/v4/projects": + case "/api/v4/user": assert.Equal(t, "Bearer abc", r.Header.Get("Authorization")) w.WriteHeader(http.StatusUnauthorized) fmt.Fprint(w, "{\"error\":\"invalid_token\"}") |