--- a/spec/util_sasl_spec.lua Fri May 26 17:39:53 2023 +0200
+++ b/spec/util_sasl_spec.lua Fri May 26 20:45:10 2023 +0200
@@ -39,5 +39,37 @@
-- TODO SCRAM
end);
+
+ describe("oauthbearer profile", function()
+ local profile = {
+ oauthbearer = function(_, token, _realm, _authzid)
+ if token == "example-bearer-token" then
+ return "user", true, {};
+ else
+ return nil, nil, {}
+ end
+ end;
+ }
+
+ it("works with OAUTHBEARER", function()
+ local bearer = sasl.new("sasl.test", profile);
+
+ assert.truthy(bearer:select("OAUTHBEARER"));
+ assert.equals("success", bearer:process("n,,\1auth=Bearer example-bearer-token\1\1"));
+ assert.equals("user", bearer.username);
+ end)
+
+
+ it("returns extras with OAUTHBEARER", function()
+ local bearer = sasl.new("sasl.test", profile);
+
+ assert.truthy(bearer:select("OAUTHBEARER"));
+ local status, extra = bearer:process("n,,\1auth=Bearer unknown\1\1");
+ assert.equals("challenge", status);
+ assert.equals("{\"status\":\"invalid_token\"}", extra);
+ assert.equals("failure", bearer:process("\1"));
+ end)
+
+ end)
end);