Do this as an e2e test instead

tests-e2e/conns_test.go

@@ -1,13 +1,86 @@
 package syncv3_test
 
 import (
+	"encoding/json"
 	"fmt"
+	"io"
+	"net/http"
+	"net/url"
 	"testing"
+	"time"
 
 	"github.com/matrix-org/sliding-sync/sync3"
 	"github.com/matrix-org/sliding-sync/testutils/m"
 )
 
+func TestInvalidTokenReturnsMUnknownTokenError(t *testing.T) {
+	alice := registerNewUser(t)
+	roomID := alice.CreateRoom(t, map[string]interface{}{})
+	// normal sliding sync
+	alice.SlidingSync(t, sync3.Request{
+		ConnID: "A",
+		RoomSubscriptions: map[string]sync3.RoomSubscription{
+			roomID: {
+				TimelineLimit: 1,
+			},
+		},
+	})
+	// invalidate the access token
+	alice.MustDoFunc(t, "POST", []string{"_matrix", "client", "v3", "logout"})
+	// let the proxy realise the token is expired and tell downstream
+	time.Sleep(time.Second)
+
+	var invalidResponses []*http.Response
+	// using the same token now returns a 401 with M_UNKNOWN_TOKEN
+	httpRes := alice.DoFunc(t, "POST", []string{"_matrix", "client", "unstable", "org.matrix.msc3575", "sync"}, WithQueries(url.Values{
+		"timeout": []string{"500"},
+	}), WithJSONBody(t, sync3.Request{
+		ConnID: "A",
+		RoomSubscriptions: map[string]sync3.RoomSubscription{
+			roomID: {
+				TimelineLimit: 1,
+			},
+		},
+	}))
+	invalidResponses = append(invalidResponses, httpRes)
+	// using a bogus access token returns a 401 with M_UNKNOWN_TOKEN
+	alice.AccessToken = "flibble_wibble"
+	httpRes = alice.DoFunc(t, "POST", []string{"_matrix", "client", "unstable", "org.matrix.msc3575", "sync"}, WithQueries(url.Values{
+		"timeout": []string{"500"},
+	}), WithJSONBody(t, sync3.Request{
+		ConnID: "A",
+		RoomSubscriptions: map[string]sync3.RoomSubscription{
+			roomID: {
+				TimelineLimit: 1,
+			},
+		},
+	}))
+	invalidResponses = append(invalidResponses, httpRes)
+
+	for i, httpRes := range invalidResponses {
+		body, err := io.ReadAll(httpRes.Body)
+		if err != nil {
+			t.Fatalf("[%d] failed to read response body: %v", i, err)
+		}
+
+		if httpRes.StatusCode != 401 {
+			t.Errorf("[%d] got HTTP %v want 401: %v", i, httpRes.StatusCode, string(body))
+		}
+		var jsonError struct {
+			Err     string `json:"error"`
+			ErrCode string `json:"errcode"`
+		}
+
+		if err := json.Unmarshal(body, &jsonError); err != nil {
+			t.Fatalf("[%d] failed to unmarshal error response into JSON: %v", i, string(body))
+		}
+		wantErrCode := "M_UNKNOWN_TOKEN"
+		if jsonError.ErrCode != wantErrCode {
+			t.Errorf("[%d] errcode: got %v want %v", i, jsonError.ErrCode, wantErrCode)
+		}
+	}
+}
+
 // Test that you can have multiple connections with the same device, and they work independently.
 func TestMultipleConns(t *testing.T) {
 	alice := registerNewUser(t)

tests-integration/token_management_test.go

@@ -15,37 +15,6 @@ import (
 	"github.com/matrix-org/sliding-sync/testutils/m"
 )
 
-func TestInvalidTokenReturnsMUnknownTokenError(t *testing.T) {
-	pqString := testutils.PrepareDBConnectionString()
-	v2 := runTestV2Server(t)
-	v3 := runTestServer(t, v2, pqString)
-	defer v2.close()
-	defer v3.close()
-
-	_, respBytes, statusCode := v3.doV3Request(t, context.Background(), "invalid_token", "", sync3.Request{
-		Lists: map[string]sync3.RequestList{
-			"a": {
-				Ranges: sync3.SliceRanges{{0, 1}},
-			},
-		},
-	})
-	if statusCode != 401 {
-		t.Errorf("got HTTP %v want 401", statusCode)
-	}
-	var jsonError struct {
-		Err     string `json:"error"`
-		ErrCode string `json:"errcode"`
-	}
-	if err := json.Unmarshal(respBytes, &jsonError); err != nil {
-		t.Fatalf("failed to unmarshal error response into JSON: %v", string(respBytes))
-	}
-	wantErrCode := "M_UNKNOWN_TOKEN"
-	if jsonError.ErrCode != wantErrCode {
-		t.Errorf("errcode: got %v want %v", jsonError.ErrCode, wantErrCode)
-	}
-
-}
-
 func TestSyncWithNewTokenAfterOldExpires(t *testing.T) {
 	pqString := testutils.PrepareDBConnectionString()
 	v2 := runTestV2Server(t)