From 46da5c904361b89cad23e13e3a9b818d3b389a3c Mon Sep 17 00:00:00 2001
From: Thomas Kappler <tkappler@pulumi.com>
Date: Fri, 19 Aug 2022 16:05:34 -0700
Subject: [PATCH] Replace manual token inspection by assertion in test

---
 examples/go-auth/main.go | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/examples/go-auth/main.go b/examples/go-auth/main.go
index d04593ac8773..0d12922fbc7c 100644
--- a/examples/go-auth/main.go
+++ b/examples/go-auth/main.go
@@ -1,11 +1,11 @@
 package main
 
 import (
-	"log"
+	"fmt"
+	"regexp"
 
 	"github.com/pulumi/pulumi-azure-native/sdk/go/azure/authorization"
 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
-	q "github.com/ryboe/q"
 )
 
 func main() {
@@ -15,8 +15,16 @@ func main() {
 			return err
 		}
 
-		log.Println("Got OAuth token: ", tokenResult.Token[:20])
-		q.Q(tokenResult.Token)
+		// Based on the ABNF from RFC 6750:
+		//    1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
+		tokenLooksValid := regexp.MustCompile(`^[._~+/a-zA-Z0-9-]+=*$`).MatchString(tokenResult.Token)
+		if !tokenLooksValid {
+			token := tokenResult.Token
+			if len(token) > 40 {
+				token = token[:40] + "..."
+			}
+			return fmt.Errorf("Token '%s' does not seem valid", token)
+		}
 
 		return nil
 	})