1 files changed, 33 insertions, 30 deletions

diff --git a/internal/oidc/store_test.go b/internal/oidc/store_test.go
index 580e864e4..def1d4e8e 100644
--- a/internal/oidc/store_test.go
+++ b/internal/oidc/store_test.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"testing"
 
+	"github.com/ory/fosite"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
@@ -17,23 +18,23 @@ func TestOpenIDConnectStore_GetClientPolicy(t *testing.T) {
 		IssuerPrivateKey:       mustParseRSAPrivateKey(exampleIssuerPrivateKey),
 		Clients: []schema.OpenIDConnectClientConfiguration{
 			{
-				ID:          "myclient",
-				Description: "myclient desc",
-				Policy:      "one_factor",
+				ID:          myclient,
+				Description: myclientdesc,
+				Policy:      onefactor,
 				Scopes:      []string{ScopeOpenID, ScopeProfile},
 				Secret:      MustDecodeSecret("$plaintext$mysecret"),
 			},
 			{
 				ID:          "myotherclient",
-				Description: "myclient desc",
-				Policy:      "two_factor",
+				Description: myclientdesc,
+				Policy:      twofactor,
 				Scopes:      []string{ScopeOpenID, ScopeProfile},
 				Secret:      MustDecodeSecret("$plaintext$mysecret"),
 			},
 		},
 	}, nil)
 
-	policyOne := s.GetClientPolicy("myclient")
+	policyOne := s.GetClientPolicy(myclient)
 	assert.Equal(t, authorization.OneFactor, policyOne)
 
 	policyTwo := s.GetClientPolicy("myotherclient")
@@ -49,9 +50,9 @@ func TestOpenIDConnectStore_GetInternalClient(t *testing.T) {
 		IssuerPrivateKey:       mustParseRSAPrivateKey(exampleIssuerPrivateKey),
 		Clients: []schema.OpenIDConnectClientConfiguration{
 			{
-				ID:          "myclient",
-				Description: "myclient desc",
-				Policy:      "one_factor",
+				ID:          myclient,
+				Description: myclientdesc,
+				Policy:      onefactor,
 				Scopes:      []string{ScopeOpenID, ScopeProfile},
 				Secret:      MustDecodeSecret("$plaintext$mysecret"),
 			},
@@ -62,17 +63,19 @@ func TestOpenIDConnectStore_GetInternalClient(t *testing.T) {
 	assert.EqualError(t, err, "invalid_client")
 	assert.Nil(t, client)
 
-	client, err = s.GetClient(context.Background(), "myclient")
+	client, err = s.GetClient(context.Background(), myclient)
 	require.NoError(t, err)
 	require.NotNil(t, client)
-	assert.Equal(t, "myclient", client.GetID())
+	assert.Equal(t, myclient, client.GetID())
 }
 
 func TestOpenIDConnectStore_GetInternalClient_ValidClient(t *testing.T) {
+	id := myclient
+
 	c1 := schema.OpenIDConnectClientConfiguration{
-		ID:          "myclient",
-		Description: "myclient desc",
-		Policy:      "one_factor",
+		ID:          id,
+		Description: myclientdesc,
+		Policy:      onefactor,
 		Scopes:      []string{ScopeOpenID, ScopeProfile},
 		Secret:      MustDecodeSecret("$plaintext$mysecret"),
 	}
@@ -83,24 +86,24 @@ func TestOpenIDConnectStore_GetInternalClient_ValidClient(t *testing.T) {
 		Clients:                []schema.OpenIDConnectClientConfiguration{c1},
 	}, nil)
 
-	client, err := s.GetFullClient(c1.ID)
+	client, err := s.GetFullClient(id)
 	require.NoError(t, err)
 	require.NotNil(t, client)
-	assert.Equal(t, client.ID, c1.ID)
-	assert.Equal(t, client.Description, c1.Description)
-	assert.Equal(t, client.Scopes, c1.Scopes)
-	assert.Equal(t, client.GrantTypes, c1.GrantTypes)
-	assert.Equal(t, client.ResponseTypes, c1.ResponseTypes)
-	assert.Equal(t, client.RedirectURIs, c1.RedirectURIs)
-	assert.Equal(t, client.Policy, authorization.OneFactor)
-	assert.Equal(t, client.Secret.Encode(), "$plaintext$mysecret")
+	assert.Equal(t, id, client.GetID())
+	assert.Equal(t, myclientdesc, client.GetDescription())
+	assert.Equal(t, fosite.Arguments(c1.Scopes), client.GetScopes())
+	assert.Equal(t, fosite.Arguments([]string{GrantTypeAuthorizationCode}), client.GetGrantTypes())
+	assert.Equal(t, fosite.Arguments([]string{ResponseTypeAuthorizationCodeFlow}), client.GetResponseTypes())
+	assert.Equal(t, []string(nil), client.GetRedirectURIs())
+	assert.Equal(t, authorization.OneFactor, client.GetAuthorizationPolicy())
+	assert.Equal(t, "$plaintext$mysecret", client.GetSecret().Encode())
 }
 
 func TestOpenIDConnectStore_GetInternalClient_InvalidClient(t *testing.T) {
 	c1 := schema.OpenIDConnectClientConfiguration{
-		ID:          "myclient",
-		Description: "myclient desc",
-		Policy:      "one_factor",
+		ID:          myclient,
+		Description: myclientdesc,
+		Policy:      onefactor,
 		Scopes:      []string{ScopeOpenID, ScopeProfile},
 		Secret:      MustDecodeSecret("$plaintext$mysecret"),
 	}
@@ -122,16 +125,16 @@ func TestOpenIDConnectStore_IsValidClientID(t *testing.T) {
 		IssuerPrivateKey:       mustParseRSAPrivateKey(exampleIssuerPrivateKey),
 		Clients: []schema.OpenIDConnectClientConfiguration{
 			{
-				ID:          "myclient",
-				Description: "myclient desc",
-				Policy:      "one_factor",
+				ID:          myclient,
+				Description: myclientdesc,
+				Policy:      onefactor,
 				Scopes:      []string{ScopeOpenID, ScopeProfile},
 				Secret:      MustDecodeSecret("$plaintext$mysecret"),
 			},
 		},
 	}, nil)
 
-	validClient := s.IsValidClientID("myclient")
+	validClient := s.IsValidClientID(myclient)
 	invalidClient := s.IsValidClientID("myinvalidclient")
 
 	assert.True(t, validClient)