test: validate rotated refresh token and old-token failure
@@ -610,6 +610,14 @@ func TestIntegration_Services(t *testing.T) {
|
|||||||
t.Error("New access token should be different from original")
|
t.Error("New access token should be different from original")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if newAccessToken.RefreshToken == "" {
|
||||||
|
t.Fatal("Refresh should return a new refresh token")
|
||||||
|
}
|
||||||
|
|
||||||
|
if newAccessToken.RefreshToken == loginResult.RefreshToken {
|
||||||
|
t.Error("Refresh token should rotate")
|
||||||
|
}
|
||||||
|
|
||||||
userID, err := authService.VerifyToken(newAccessToken.AccessToken)
|
userID, err := authService.VerifyToken(newAccessToken.AccessToken)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("New access token should be valid: %v", err)
|
t.Fatalf("New access token should be valid: %v", err)
|
||||||
@@ -618,6 +626,11 @@ func TestIntegration_Services(t *testing.T) {
|
|||||||
if userID != user.ID {
|
if userID != user.ID {
|
||||||
t.Errorf("Expected user ID %d, got %d", user.ID, userID)
|
t.Errorf("Expected user ID %d, got %d", user.ID, userID)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
_, err = authService.RefreshAccessToken(loginResult.RefreshToken)
|
||||||
|
if err == nil {
|
||||||
|
t.Error("Expected error for rotated refresh token")
|
||||||
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
t.Run("Refresh_Token_Expiration", func(t *testing.T) {
|
t.Run("Refresh_Token_Expiration", func(t *testing.T) {
|
||||||
|
|||||||
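Review bot: The replay check added in the second hunk, `if err == nil { t.Error("Expected error for rotated refresh token") }`, passes on any error at all, so a storage or parsing failure would satisfy it just as well as a genuine rejection of the rotated token. Pin it to the service's rejection error, for example `if !errors.Is(err, ErrPlaceholderInvalidRefreshToken) { t.Errorf("unexpected error for rotated refresh token: %v", err) }`, where the sentinel name is a placeholder for whatever the auth service actually returns. The visible lines also never use `newAccessToken.RefreshToken` again, so the test does not record whether the rotated token is still accepted after the replay attempt or whether the service revokes the whole token family on reuse; one follow-up `authService.RefreshAccessToken(newAccessToken.RefreshToken)` call asserting the intended outcome would document that policy. The subtest body and the first refresh call begin above the hunk, so this is based only on the lines shown.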