# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1685126710 -7200
# Node ID 191fe4866e3e9d5c3929cd559fb0026de340f6ea
# Parent  b6aaab0846fef650d911198a622d5b04e302cf59
util.sasl: Add basic tests for OAUTHBEARER

diff -r b6aaab0846fe -r 191fe4866e3e spec/util_sasl_spec.lua
--- a/spec/util_sasl_spec.lua	Fri May 26 17:39:53 2023 +0200
+++ b/spec/util_sasl_spec.lua	Fri May 26 20:45:10 2023 +0200
@@ -39,5 +39,37 @@
 
 		-- TODO SCRAM
 	end);
+
+	describe("oauthbearer profile", function()
+		local profile = {
+			oauthbearer = function(_, token, _realm, _authzid)
+				if token == "example-bearer-token" then
+					return "user", true, {};
+				else
+					return nil, nil, {}
+				end
+			end;
+		}
+
+		it("works with OAUTHBEARER", function()
+			local bearer = sasl.new("sasl.test", profile);
+
+			assert.truthy(bearer:select("OAUTHBEARER"));
+			assert.equals("success", bearer:process("n,,\1auth=Bearer example-bearer-token\1\1"));
+			assert.equals("user", bearer.username);
+		end)
+
+
+		it("returns extras with OAUTHBEARER", function()
+			local bearer = sasl.new("sasl.test", profile);
+
+			assert.truthy(bearer:select("OAUTHBEARER"));
+			local status, extra = bearer:process("n,,\1auth=Bearer unknown\1\1");
+			assert.equals("challenge", status);
+			assert.equals("{\"status\":\"invalid_token\"}", extra);
+			assert.equals("failure", bearer:process("\1"));
+		end)
+
+	end)
 end);