const (// TestRedirectURI is the standard test redirect URITestRedirectURI = "http://localhost:9876/callback"// TestResourceURI is used for testing resource parameterTestResourceURI = "https://api.example.com"// Invalid PKCE verifier for negative testingInvalidCodeVerifier = "wrong-verifier")

var OAuth2ErrorTypes = struct {InvalidRequeststringInvalidClientstringInvalidGrantstringUnauthorizedClientstringUnsupportedGrantTypestringInvalidScopestring}{InvalidRequest:       "invalid_request",InvalidClient:        "invalid_client",InvalidGrant:         "invalid_grant",UnauthorizedClient:   "unauthorized_client",UnsupportedGrantType: "unsupported_grant_type",InvalidScope:         "invalid_scope",}

funcAuthorizeOAuth2App¶

func AuthorizeOAuth2App(t *testing.T, client *codersdk.Client, baseURLstring, paramsAuthorizeParams)string

AuthorizeOAuth2App performs the OAuth2 authorization flow and returns the authorization code

funcCleanupOAuth2App¶

func CleanupOAuth2App(t *testing.T, client *codersdk.Client, appIDuuid.UUID)

CleanupOAuth2App deletes an OAuth2 app (helper for test cleanup)

funcCreateTestOAuth2App¶

func CreateTestOAuth2App(t *testing.T, client *codersdk.Client) (*codersdk.OAuth2ProviderApp,string)

CreateTestOAuth2App creates an OAuth2 app for testing and returns the app and client secret

funcExchangeCodeForToken¶

func ExchangeCodeForToken(t *testing.T, baseURLstring, paramsTokenExchangeParams) *oauth2.Token

ExchangeCodeForToken exchanges an authorization code for tokens

funcFetchOAuth2Metadata¶

func FetchOAuth2Metadata(t *testing.T, baseURLstring) map[string]any

FetchOAuth2Metadata fetches and returns OAuth2 authorization server metadata

funcGenerateCodeChallenge¶

func GenerateCodeChallenge(verifierstring)string

GenerateCodeChallenge creates an S256 code challenge from a verifier

funcGeneratePKCE¶

func GeneratePKCE(t *testing.T) (verifier, challengestring)

GeneratePKCE generates a random PKCE code verifier and challenge

funcGenerateState¶

func GenerateState(t *testing.T)string

GenerateState generates a random state parameter

funcPerformTokenExchangeExpectingError¶

func PerformTokenExchangeExpectingError(t *testing.T, baseURLstring, paramsTokenExchangeParams, expectedErrorstring)

PerformTokenExchangeExpectingError performs a token exchange expecting an OAuth2 error

funcRequireOAuth2Error¶

func RequireOAuth2Error(t *testing.T, resp *http.Response, expectedErrorstring)

RequireOAuth2Error checks that the HTTP response contains an expected OAuth2 error

typeAuthorizeParams¶

type AuthorizeParams struct {ClientIDstringResponseTypestringRedirectURIstringStatestringCodeChallengestringCodeChallengeMethodstringResourcestringScopestring}

AuthorizeParams contains parameters for OAuth2 authorization

typeOAuth2Error¶

type OAuth2Error struct {Errorstring `json:"error"`ErrorDescriptionstring `json:"error_description,omitempty"`}

OAuth2Error represents an OAuth2 error response

typeTokenExchangeParams¶

type TokenExchangeParams struct {GrantTypestringCodestringClientIDstringClientSecretstringCodeVerifierstringRedirectURIstringRefreshTokenstringResourcestring}

TokenExchangeParams contains parameters for token exchange