mirror of
https://github.com/mastodon/mastodon.git
synced 2025-05-07 12:16:14 +00:00
Merge 77cf2abb3a into 8b34daf254
This commit is contained in:
Emelia Smith
GitHub
commit
87d042894a
|
|
@ -5,32 +5,36 @@ require 'rails_helper'
|
||||||
RSpec.describe 'Managing OAuth Tokens' do
|
RSpec.describe 'Managing OAuth Tokens' do
|
||||||
describe 'POST /oauth/token' do
|
describe 'POST /oauth/token' do
|
||||||
subject do
|
subject do
|
||||||
post '/oauth/token', params: params
|
post '/oauth/token', params: params, headers: headers
|
||||||
end
|
end
|
||||||
|
|
||||||
let(:application) do
|
let(:application) do
|
||||||
Fabricate(:application, scopes: 'read write follow', redirect_uri: 'urn:ietf:wg:oauth:2.0:oob')
|
Fabricate(:application, scopes: 'read write follow', redirect_uri: 'urn:ietf:wg:oauth:2.0:oob')
|
||||||
end
|
end
|
||||||
let(:params) do
|
|
||||||
|
# This is using the OAuth client_secret_basic client authentication method
|
||||||
|
let(:headers) do
|
||||||
{
|
{
|
||||||
grant_type: grant_type,
|
Authorization: ActionController::HttpAuthentication::Basic.encode_credentials(application.uid, application.secret),
|
||||||
client_id: application.uid,
|
|
||||||
client_secret: application.secret,
|
|
||||||
redirect_uri: 'urn:ietf:wg:oauth:2.0:oob',
|
|
||||||
code: code,
|
|
||||||
scope: scope,
|
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
context "with grant_type 'authorization_code'" do
|
context "with grant_type 'authorization_code'" do
|
||||||
let(:grant_type) { 'authorization_code' }
|
let(:params) do
|
||||||
|
{
|
||||||
|
grant_type: 'authorization_code',
|
||||||
|
redirect_uri: 'urn:ietf:wg:oauth:2.0:oob',
|
||||||
|
code: code,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
let(:code) do
|
let(:code) do
|
||||||
access_grant = Fabricate(:access_grant, application: application, redirect_uri: 'urn:ietf:wg:oauth:2.0:oob', scopes: 'read write')
|
access_grant = Fabricate(:access_grant, application: application, redirect_uri: 'urn:ietf:wg:oauth:2.0:oob', scopes: 'read write')
|
||||||
access_grant.plaintext_token
|
access_grant.plaintext_token
|
||||||
end
|
end
|
||||||
|
|
||||||
shared_examples 'original scope request preservation' do
|
shared_examples 'original scope request preservation' do
|
||||||
it 'returns all scopes requested for the given code' do
|
it 'returns all scopes requested by the authorization code' do
|
||||||
subject
|
subject
|
||||||
|
|
||||||
expect(response).to have_http_status(200)
|
expect(response).to have_http_status(200)
|
||||||
|
|
@ -38,36 +42,51 @@ RSpec.describe 'Managing OAuth Tokens' do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'with no scopes specified' do
|
context 'with client authentication via params' do
|
||||||
let(:scope) { nil }
|
let(:headers) { nil }
|
||||||
|
let(:params) do
|
||||||
|
{
|
||||||
|
grant_type: 'authorization_code',
|
||||||
|
redirect_uri: 'urn:ietf:wg:oauth:2.0:oob',
|
||||||
|
client_id: application.uid,
|
||||||
|
client_secret: application.secret,
|
||||||
|
code: code,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
it_behaves_like 'original scope request preservation'
|
it_behaves_like 'original scope request preservation'
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'with scopes specified' do
|
it_behaves_like 'original scope request preservation'
|
||||||
context 'when the scopes were requested for this code' do
|
|
||||||
let(:scope) { 'write' }
|
|
||||||
|
|
||||||
it_behaves_like 'original scope request preservation'
|
|
||||||
end
|
|
||||||
|
|
||||||
context 'when the scope was not requested for the code' do
|
|
||||||
let(:scope) { 'follow' }
|
|
||||||
|
|
||||||
it_behaves_like 'original scope request preservation'
|
|
||||||
end
|
|
||||||
|
|
||||||
context 'when the scope does not belong to the application' do
|
|
||||||
let(:scope) { 'push' }
|
|
||||||
|
|
||||||
it_behaves_like 'original scope request preservation'
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
context "with grant_type 'client_credentials'" do
|
context "with grant_type 'client_credentials'" do
|
||||||
let(:grant_type) { 'client_credentials' }
|
let(:scope) { nil }
|
||||||
let(:code) { nil }
|
let(:params) do
|
||||||
|
{
|
||||||
|
grant_type: 'client_credentials',
|
||||||
|
scope: scope,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with client authentication via params' do
|
||||||
|
let(:headers) { nil }
|
||||||
|
let(:params) do
|
||||||
|
{
|
||||||
|
grant_type: 'client_credentials',
|
||||||
|
client_id: application.uid,
|
||||||
|
client_secret: application.secret,
|
||||||
|
scope: scope,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'returns only the default scope' do
|
||||||
|
subject
|
||||||
|
|
||||||
|
expect(response).to have_http_status(200)
|
||||||
|
expect(response.parsed_body[:scope]).to eq('read')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
context 'with no scopes specified' do
|
context 'with no scopes specified' do
|
||||||
let(:scope) { nil }
|
let(:scope) { nil }
|
||||||
|
|
@ -99,6 +118,7 @@ RSpec.describe 'Managing OAuth Tokens' do
|
||||||
subject
|
subject
|
||||||
|
|
||||||
expect(response).to have_http_status(400)
|
expect(response).to have_http_status(400)
|
||||||
|
expect(response.parsed_body[:error]).to eq 'invalid_scope'
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user