pdnode-account/test-oauth.js
2025-07-29 15:36:25 -07:00


const axios = require('axios');
// Endpoints of the account service under test. Credentials, client secrets and
// tokens travel over plain HTTP here, which is only appropriate because the
// target is the loopback interface.
const BASE_URL = 'http://localhost:3000';
const OAUTH_URL = `${BASE_URL}/api/oauth`;
const AUTH_URL = `${BASE_URL}/api/auth`;

// Values captured from one step of the flow and replayed in later steps.
// They are module-level so testOAuthFlow() can assign them as it goes.
let authToken = '';
let clientId = '';
let clientSecret = '';
let authCode = '';
let accessToken = '';
let refreshToken = '';

// Test fixtures.
// The timestamp suffix keeps repeated runs from colliding on an existing
// account. These are throwaway credentials for a local instance.
const testUser = {
  username: `oauthuser${Date.now()}`,
  email: `oauthuser${Date.now()}@example.com`,
  password: 'TestPassword123',
};

// Registration payload for the OAuth client created during the run.
const testOAuthClient = {
  name: '测试OAuth客户端',
  description: '用于测试的OAuth客户端',
  redirect_uris: ['http://localhost:3001/callback'],
  scopes: ['read', 'write'],
};
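/**
 * End-to-end smoke test of the OAuth endpoints served at BASE_URL.
 *
 * Steps, in order: register a user, log in for a JWT, create an OAuth client,
 * request an authorization code, exchange it for tokens, call userinfo and
 * tokeninfo, refresh the tokens, revoke the access token (and confirm it is
 * then rejected), list clients, read the client secret back, and fetch the
 * discovery document.
 *
 * Steps 1-5 abort the run on failure because every later step needs their
 * output. Steps 6-12 log their failure and continue. Any failure sets
 * `process.exitCode = 1` so a wrapper script or CI job can see it, and the
 * success banner is printed only when no step failed.
 *
 * Only prefixes of secrets and tokens are printed, but step 6/7 print the
 * full userinfo/tokeninfo payloads; treat the output as sensitive if this is
 * ever pointed at anything other than a local instance.
 *
 * @returns {Promise<void>} Resolves when the run ends; errors are caught and
 *   logged rather than rethrown.
 */
async function testOAuthFlow() {
  let failedSteps = 0;

  // Logs a failure line and marks the whole run as failed.
  const reportFailure = (...logArgs) => {
    failedSteps += 1;
    process.exitCode = 1;
    console.log(...logArgs);
  };

  const bearer = (token) => ({ headers: { Authorization: `Bearer ${token}` } });

  console.log('🚀 开始测试OAuth功能...\n');
  try {
    // 1. Register the test user.
    console.log('1. 注册测试用户...');
    const registerResponse = await axios.post(`${AUTH_URL}/register`, testUser);
    if (!registerResponse.data.success) {
      reportFailure('❌ 用户注册失败:', registerResponse.data.message);
      return;
    }
    console.log('✅ 用户注册成功:', registerResponse.data.message);

    // 2. Log in to obtain the JWT used for the management endpoints.
    console.log('\n2. 登录获取JWT令牌...');
    const loginResponse = await axios.post(`${AUTH_URL}/login`, {
      username: testUser.username,
      password: testUser.password,
    });
    if (!loginResponse.data.success) {
      reportFailure('❌ 登录失败:', loginResponse.data.message);
      return;
    }
    authToken = loginResponse.data.data.token;
    console.log('✅ 登录成功获取到JWT令牌');

    // 3. Create the OAuth client.
    console.log('\n3. 创建OAuth客户端...');
    const clientResponse = await axios.post(
      `${OAUTH_URL}/clients`,
      testOAuthClient,
      bearer(authToken),
    );
    if (!clientResponse.data.success) {
      reportFailure('❌ OAuth客户端创建失败:', clientResponse.data.message);
      return;
    }
    const clientData = clientResponse.data.data;
    clientId = clientData.client_id;
    clientSecret = clientData.client_secret;
    console.log('✅ OAuth客户端创建成功:', clientResponse.data.message);
    console.log(`Client ID: ${clientId}`);
    console.log(`Client Secret: ${clientSecret.substring(0, 16)}...`);

    // 4. Authorization endpoint.
    console.log('\n4. 测试授权端点...');
    // redirect_uri and scope are taken from the registered client so the
    // request cannot drift from what was registered, and URLSearchParams
    // encodes every value (the space in the scope list, the client id).
    const redirectUri = testOAuthClient.redirect_uris[0];
    const authorizeQuery = new URLSearchParams({
      response_type: 'code',
      client_id: clientId,
      redirect_uri: redirectUri,
      scope: testOAuthClient.scopes.join(' '),
      // Fixed value is fine for a smoke test; a real client needs an
      // unpredictable, session-bound state and must verify it on return.
      // NOTE(review): the response field that would echo state is not visible
      // here, so the echo is not asserted.
      state: 'test_state_123',
    });
    const authorizeResponse = await axios.get(
      `${OAUTH_URL}/authorize?${authorizeQuery}`,
      bearer(authToken),
    );
    if (!authorizeResponse.data.success) {
      reportFailure('❌ 授权失败:', authorizeResponse.data.message);
      return;
    }
    authCode = authorizeResponse.data.data.code;
    console.log('✅ 授权成功:', authorizeResponse.data.message);
    console.log(`授权码: ${authCode.substring(0, 20)}...`);

    // 5. Exchange the authorization code for tokens.
    console.log('\n5. 测试令牌交换...');
    const tokenResponse = await axios.post(`${OAUTH_URL}/token`, {
      grant_type: 'authorization_code',
      client_id: clientId,
      client_secret: clientSecret,
      code: authCode,
      redirect_uri: redirectUri,
    });
    if (!tokenResponse.data.success) {
      reportFailure('❌ 令牌交换失败:', tokenResponse.data.message);
      return;
    }
    const tokenData = tokenResponse.data.data;
    accessToken = tokenData.access_token;
    refreshToken = tokenData.refresh_token;
    console.log('✅ 令牌交换成功');
    console.log(`访问令牌: ${accessToken.substring(0, 20)}...`);
    console.log(`刷新令牌: ${refreshToken.substring(0, 20)}...`);

    // 6. Userinfo endpoint, authenticated with the OAuth access token.
    console.log('\n6. 测试用户信息端点...');
    const userInfoResponse = await axios.get(`${OAUTH_URL}/userinfo`, bearer(accessToken));
    if (userInfoResponse.data.success) {
      console.log('✅ 用户信息获取成功');
      console.log('用户信息:', userInfoResponse.data.data);
    } else {
      reportFailure('❌ 用户信息获取失败:', userInfoResponse.data.message);
    }

    // 7. Tokeninfo endpoint.
    console.log('\n7. 测试令牌信息端点...');
    const tokenInfoResponse = await axios.get(`${OAUTH_URL}/tokeninfo`, bearer(accessToken));
    if (tokenInfoResponse.data.success) {
      console.log('✅ 令牌信息获取成功');
      console.log('令牌信息:', tokenInfoResponse.data.data);
    } else {
      reportFailure('❌ 令牌信息获取失败:', tokenInfoResponse.data.message);
    }

    // 8. Refresh-token grant; on success both tokens are replaced.
    console.log('\n8. 测试刷新令牌...');
    const refreshResponse = await axios.post(`${OAUTH_URL}/token`, {
      grant_type: 'refresh_token',
      client_id: clientId,
      client_secret: clientSecret,
      refresh_token: refreshToken,
    });
    if (refreshResponse.data.success) {
      const newTokenData = refreshResponse.data.data;
      accessToken = newTokenData.access_token;
      refreshToken = newTokenData.refresh_token;
      console.log('✅ 刷新令牌成功');
      console.log(`新访问令牌: ${accessToken.substring(0, 20)}...`);
    } else {
      reportFailure('❌ 刷新令牌失败:', refreshResponse.data.message);
    }

    // 9. Revoke the current access token.
    console.log('\n9. 测试撤销令牌...');
    const revokeResponse = await axios.post(`${OAUTH_URL}/revoke`, {
      token: accessToken,
      client_id: clientId,
      client_secret: clientSecret,
    });
    if (revokeResponse.data.success) {
      console.log('✅ 令牌撤销成功');

      // A "success" reply alone does not show the token stopped working, so
      // replay it against userinfo and require a rejection.
      let revokedTokenAccepted = false;
      try {
        const probe = await axios.get(`${OAUTH_URL}/userinfo`, bearer(accessToken));
        revokedTokenAccepted = Boolean(probe.data.success);
      } catch (probeError) {
        // axios throws on non-2xx; a 4xx is the expected rejection. Anything
        // else (network error, 5xx) is a real failure for the outer handler.
        const status = probeError.response?.status;
        if (!(status >= 400 && status < 500)) {
          throw probeError;
        }
      }
      if (revokedTokenAccepted) {
        reportFailure('❌ 已撤销的令牌仍可访问用户信息');
      } else {
        console.log('✅ 已撤销的令牌已被拒绝');
      }
    } else {
      reportFailure('❌ 令牌撤销失败:', revokeResponse.data.message);
    }

    // 10. Client management: list clients (authenticated with the JWT).
    console.log('\n10. 测试OAuth客户端管理...');
    const clientsResponse = await axios.get(`${OAUTH_URL}/clients`, bearer(authToken));
    if (clientsResponse.data.success) {
      console.log('✅ 获取客户端列表成功');
      console.log(`客户端数量: ${clientsResponse.data.data.clients.length}`);
    } else {
      reportFailure('❌ 获取客户端列表失败:', clientsResponse.data.message);
    }

    // 11. Read the client secret back.
    // NOTE(review): a secret that can be read back implies the server keeps it
    // in recoverable form rather than hashed — confirm that is intended.
    console.log('\n11. 测试获取客户端密钥...');
    const secretResponse = await axios.get(
      `${OAUTH_URL}/clients/${clientId}/secret`,
      bearer(authToken),
    );
    if (secretResponse.data.success) {
      console.log('✅ 获取客户端密钥成功');
      console.log(`密钥: ${secretResponse.data.data.client_secret.substring(0, 16)}...`);
    } else {
      reportFailure('❌ 获取客户端密钥失败:', secretResponse.data.message);
    }

    // 12. Authorization-server metadata (discovery) document.
    console.log('\n12. 测试OAuth发现端点...');
    const discoveryResponse = await axios.get(
      `${BASE_URL}/.well-known/oauth-authorization-server`,
    );
    if (discoveryResponse.status === 200) {
      console.log('✅ OAuth发现端点正常');
      console.log('授权端点:', discoveryResponse.data.authorization_endpoint);
      console.log('令牌端点:', discoveryResponse.data.token_endpoint);
    } else {
      reportFailure('❌ OAuth发现端点异常');
    }

    // Only claim a pass when every step actually passed.
    if (failedSteps === 0) {
      console.log('\n🎉 OAuth完整流程测试通过');
    } else {
      console.log(`\n❌ OAuth流程测试未通过: ${failedSteps} 个步骤失败`);
    }
  } catch (error) {
    process.exitCode = 1;
    console.error('❌ OAuth测试失败:', error.response?.data || error.message);
  }
}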
// Run the test. testOAuthFlow() catches and logs its own errors, so the
// returned promise is intentionally not awaited here.
void testOAuthFlow();