Added Fuzz tests

2024-11-15 01:36:02 +05:30 · 2014-08-04 09:12:00 +01:00 · 2014-08-04 09:12:00 +01:00 · ffe59f5a5f
commit ffe59f5a5f
parent 7b9899c46b
4 changed files with 70 additions and 0 deletions
--- a/tests/fuzz/tokeninfo-no-access-token.yml
+++ b/tests/fuzz/tokeninfo-no-access-token.yml
@ -0,0 +1,14 @@
+url: 'http://localhost:8000/api.php/tokeninfo'
+request:
+    method: GET
+response:
+    statusCode: 400
+    headers:
+        Content-type: application/json
+    body:
+        -
+            key: error
+            value: "invalid_request"
+        -
+            key: message
+            value: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"access token\" parameter."
--- a/tests/fuzz/tokeninfo-no-invalid-token-query-string.yml
+++ b/tests/fuzz/tokeninfo-no-invalid-token-query-string.yml
@ -0,0 +1,14 @@
+url: 'http://localhost:8000/api.php/tokeninfo?access_token=foobar'
+request:
+    method: GET
+response:
+    statusCode: 400
+    headers:
+        Content-type: application/json
+    body:
+        -
+            key: error
+            value: "invalid_request"
+        -
+            key: message
+            value: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"access token\" parameter."
--- a/tests/fuzz/tokeninfo-no-invalid-token.yml
+++ b/tests/fuzz/tokeninfo-no-invalid-token.yml
@ -0,0 +1,18 @@
+url: 'http://localhost:8000/api.php/tokeninfo'
+request:
+    method: GET
+    headers:
+        -
+            key: Authorization
+            value: Bearer foobar
+response:
+    statusCode: 401
+    headers:
+        Content-type: application/json
+    body:
+        -
+            key: error
+            value: "access_denied"
+        -
+            key: message
+            value: "The resource owner or authorization server denied the request."
--- a/tests/fuzz/tokeninfo-valid-token.yml
+++ b/tests/fuzz/tokeninfo-valid-token.yml
@ -0,0 +1,24 @@
+url: 'http://localhost:8000/api.php/tokeninfo'
+request:
+    method: GET
+    headers:
+        -
+            key: Authorization
+            value: "Bearer iamgod"
+response:
+    statusCode: 200
+    headers:
+        Content-type: application/json
+    body:
+        -
+            key: owner_id
+            value: testclient
+        -
+            key: owner_type
+            value: client
+        -
+            key: access_token
+            value: iamgod
+        -
+            key: client_id
+            value: testclient