mastodon/spec/requests/oauth
Emelia Smith 77cf2abb3a
Improve /oauth/token request specs
Previously these specs passed incorrect parameters to both the authorization_code
and client_credentials grant flows.

The authorization_code flow does not accept a `scope` parameter; instead, the scope
is set when the access grant is created, per RFC 6749 Section 4.1.2. The `code`
parameter is accepted by this flow.

https://www.rfc-editor.org/rfc/rfc6749#section-4.1.2

The client_credentials flow does not accept a `code` parameter, and instead accepts
a `scope` parameter, per RFC 6749 Section 4.4.1.

https://www.rfc-editor.org/rfc/rfc6749#section-4.4.1

This ensures we're only testing valid OAuth flows, and not deviating from the
specification. The OAuth flows should ignore any unknown parameters (i.e., passing
`code` to client_credentials would have no impact on the functionality, and this
would be asserted at the Doorkeeper level).
2025-04-24 18:13:56 +02:00
token_spec.rb Improve /oauth/token request specs 2025-04-24 18:13:56 +02:00
userinfo_spec.rb Add userinfo oauth endpoint (#32548) 2024-10-30 14:38:10 +00:00