Enhance test

server/http_oauth2_test.go

@@ -13,7 +13,6 @@ import (
 	"time"
 
 	"github.com/dgrijalva/jwt-go/v4"
-	uuid "github.com/satori/go.uuid"
 
 	"github.com/avenga/couper/accesscontrol"
 	"github.com/avenga/couper/eval/lib"
@@ -378,20 +377,24 @@ func TestOAuth2_AccessControl(t *testing.T) {
 
 func TestOAuth2_Locking(t *testing.T) {
 	helper := test.New(t)
-	token := uuid.NewV4().String()
-
+	token := "token-"
 	var oauthRequestCount int32
 	oauthOrigin := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
 		atomic.AddInt32(&oauthRequestCount, 1)
 		if req.URL.Path == "/oauth2" {
 			rw.Header().Set("Content-Type", "application/json")
 			rw.WriteHeader(http.StatusOK)
 
+			n := fmt.Sprintf("%d", atomic.LoadInt32(&oauthRequestCount))
 			body := []byte(`{
-				"access_token": "` + token + `",
+				"access_token": "` + token + n + `",
 				"token_type": "bearer",
-				"expires_in": 100
+				"expires_in": 1.5
 			}`)
+
+			// Slow down token request to test locking.
+			time.Sleep(1 * time.Second)
+
 			_, werr := rw.Write(body)
 			helper.Must(werr)
 
@@ -404,8 +407,8 @@ func TestOAuth2_Locking(t *testing.T) {
 
 	ResourceOrigin := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
 		if req.URL.Path == "/resource" {
-			if req.Header.Get("Authorization") == "Bearer "+token {
-				rw.Header().Set("Token", token)
+			if auth := req.Header.Get("Authorization"); auth != "" {
+				rw.Header().Set("Token", auth[len("Bearer "):])
 				rw.WriteHeader(http.StatusNoContent)
 			}
 
@@ -466,16 +469,84 @@ func TestOAuth2_Locking(t *testing.T) {
 			t.Errorf("Expected status NoContent, got: %d", res.StatusCode)
 		}
 
-		if token != res.Header.Get("Token") {
-			t.Errorf("Invalid token given: want %s, got: %s", token, res.Header.Get("Token"))
+		if token+"1" != res.Header.Get("Token") {
+			t.Errorf("Invalid token given: want %s1, got: %s", token, res.Header.Get("Token"))
 		}
 	}
 
 	if oauthRequestCount != 1 {
 		t.Errorf("Too many OAuth2 requests: want 1, got: %d", oauthRequestCount)
 	}
 
+	// Wait until token has expired.
+	time.Sleep(2 * time.Second)
+
+	// Fetch new token.
+	go func() {
+		res, err := newClient().Do(req)
+		helper.Must(err)
+
+		if token+"2" != res.Header.Get("Token") {
+			t.Errorf("Received wrong token: want %s2, got: %s", token, res.Header.Get("Token"))
+		}
+	}()
+
+	// Slow response due to lock
+	go func() {
+		start := time.Now()
+		res, err := newClient().Do(req)
+		helper.Must(err)
+		timeElapsed := time.Since(start).Seconds()
+
+		if token+"2" != res.Header.Get("Token") {
+			t.Errorf("Received wrong token: want %s2, got: %s", token, res.Header.Get("Token"))
+		}
+
+		if timeElapsed < 1 {
+			t.Errorf("Response came too fast: dysfunctional lock?! (%v s)", timeElapsed)
+		}
+	}()
+
+	// Wait again until token has expired.
+	time.Sleep(2 * time.Second)
+
+	// Request fresh token and store in memstore
+	res, err := newClient().Do(req)
+	helper.Must(err)
+	if res.StatusCode != http.StatusNoContent {
+		t.Errorf("Unexpected response status: want %d, got: %d", http.StatusNoContent, res.StatusCode)
+	}
+
+	if token+"3" != res.Header.Get("Token") {
+		t.Errorf("Received wrong token: want %s3, got: %s", token, res.Header.Get("Token"))
+	}
+
+	if oauthRequestCount != 3 {
+		t.Errorf("Unexpected number of OAuth2 requests: want 3, got: %d", oauthRequestCount)
+	}
+
+	// Disconnect OAuth server
 	oauthOrigin.Close()
+
+	// Next request gets token from memstore
+	res, err = newClient().Do(req)
+	helper.Must(err)
+	if res.StatusCode != http.StatusNoContent {
+		t.Errorf("Unexpected response status: want %d, got: %d", http.StatusNoContent, res.StatusCode)
+	}
+
+	if token+"3" != res.Header.Get("Token") {
+		t.Errorf("Wrong token from mem store: want %s3, got: %s", token, res.Header.Get("Token"))
+	}
+
+	// Wait until token has expired. Next request accesses the OAuth server again.
+	time.Sleep(2 * time.Second)
+	res, err = newClient().Do(req)
+	helper.Must(err)
+	if res.StatusCode != http.StatusBadGateway {
+		t.Errorf("Unexpected response status: want %d, got: %d", http.StatusBadGateway, res.StatusCode)
+	}
+
 	ResourceOrigin.Close()
 	shutdown()
 }