From dc9de90e80e48795d4fb5d58f75ca723ecb58a29 Mon Sep 17 00:00:00 2001 From: Emelia Smith Date: Mon, 2 Jun 2025 15:21:21 +0200 Subject: [PATCH] Add test coverage for multiple redirect URIs for OAuth apps --- src/api/v1/apps.test.ts | 42 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/src/api/v1/apps.test.ts b/src/api/v1/apps.test.ts index 383051b1..113729ba 100644 --- a/src/api/v1/apps.test.ts +++ b/src/api/v1/apps.test.ts @@ -157,6 +157,48 @@ describe.sequential("POST /api/v1/apps", () => { expect(application.confidential).toBe(true); }); + it("successfully creates an application with multiple redirect_uris", async () => { + expect.assertions(10); + const body = JSON.stringify({ + client_name: "Test: Multiple redirect URIs", + redirect_uris: [ + "https://app.test/onboarding/connect", + "https://app.test/oauth/callback", + ], + }); + + const response = await app.request("/api/v1/apps", { + method: "POST", + body, + headers: { + "content-type": "application/json", + }, + }); + + expect(response.status).toBe(200); + expect(response.headers.get("content-type")).toBe("application/json"); + expect(response.headers.get("access-control-allow-origin")).toBe("*"); + + const credentialApplication = await response.json(); + const application = await getLastApplication(); + + expect(typeof credentialApplication).toBe("object"); + expect(credentialApplication.id).toBe(application.id); + expect(credentialApplication.redirect_uris).toEqual( + application.redirectUris, + ); + expect(credentialApplication.redirect_uri).toBe( + application.redirectUris.join(" "), + ); + + expect(application.redirectUris).toEqual([ + "https://app.test/onboarding/connect", + "https://app.test/oauth/callback", + ]); + expect(application.scopes).toEqual(["read"]); + expect(application.confidential).toBe(true); + }); + // TODO: Support public clients it.skip("successfully creates a public client application");