Test oauth_bootstrap.js with/out jwt/opaque token

MarcialRosales · MarcialRosales · commit 0a7392240aca · 2025-07-23T14:42:25.000+02:00
diff --git a/deps/oauth2_client/src/oauth2_client.erl b/deps/oauth2_client/src/oauth2_client.erl
@@ -917,7 +917,9 @@ get_env(Par, Def) ->
 set_env(Par, Val) ->
     application:set_env(rabbitmq_auth_backend_oauth2, Par, Val).
 
--spec is_jwt_token(binary() | map()) -> boolean().
+-spec is_jwt_token(list() | binary() | map()) -> boolean().
+is_jwt_token(Token) when is_list(Token) ->
+    is_jwt_token(list_to_binary(Token));
 is_jwt_token(Token) when is_binary(Token) ->
     case binary:split(Token, <<".">>, [global]) of 
         [_, _, _] -> true;
diff --git a/deps/rabbitmq_management/test/rabbit_mgmt_wm_auth_SUITE.erl b/deps/rabbitmq_management/test/rabbit_mgmt_wm_auth_SUITE.erl
@@ -1030,7 +1030,14 @@ introspect_opaque_token_returns_401_from_auth_server(Config) ->
 oauth_bootstrap_with_jwt_token_in_header(Config) ->
   URI = rabbit_mgmt_test_util:uri_base_from(Config, 0, "") ++ "js/oidc-oauth/bootstrap.js",
   Result = httpc:request(get, {URI, [{"Authorization", "bearer active"}]}, [], []), 
-  ct:log("response idp:  ~p ~p", [URI, Result]).
+  {ok, {{_HTTP, 200, _}, _Headers, ResBody}} = Result,
+  ct:log("resbody: ~p", [ResBody]),
+  case string:find(ResBody,"set_token_auth(") of 
+    nomatch -> ct:fail("expected setting token");
+    Reminder -> 
+      {match, [Token | _]} = re:run(Reminder, "'([^']*)'", [{capture, [1], list}]),
+      ?assertEqual(true, oauth2_client:is_jwt_token(Token))
+  end.
 
 oauth_bootstrap_with_jwt_token_in_cookie(Config) ->
   URI = rabbit_mgmt_test_util:uri_base_from(Config, 0, "") ++ "js/oidc-oauth/bootstrap.js",
@@ -1044,13 +1051,16 @@ oauth_bootstrap_with_opaque_token_in_cookie(Config) ->
 
 oauth_bootstrap_cannot_introspect_opaque_token(Config) ->
   URI = rabbit_mgmt_test_util:uri_base_from(Config, 0, "") ++ "js/oidc-oauth/bootstrap.js",
-  Result = httpc:request(get, {URI, [{"Authorization", "bearer active"}]}, [], []), 
-  ct:log("response idp:  ~p ~p", [URI, Result]).
+  {ok, {{_HTTP, 401, _}, _Headers, _ResBody}} = 
+    httpc:request(get, {URI, [{"Authorization", "bearer inactive"}]}, [], []).   
 
 oauth_bootstrap_without_any_token(Config) ->
   URI = rabbit_mgmt_test_util:uri_base_from(Config, 0, "") ++ "js/oidc-oauth/bootstrap.js",
-  Result = httpc:request(get, {URI, [{"Authorization", "bearer active"}]}, [], []), 
-  ct:log("response idp:  ~p ~p", [URI, Result]).
+  {ok, {{_HTTP, 200, _}, _Headers, ResBody}} = httpc:request(get, {URI, []}, [], []), 
+  case string:find(ResBody,"set_token_auth(") of 
+    nomatch -> ok;
+    Reminder -> ct:fail("expected no set_token_auth call")
+  end.
 
 
 %% -------------------------------------------------------------------
