require 'spec_helper_integration' module Doorkeeper::OAuth describe PasswordAccessTokenRequest do let(:server) { double :server, default_scopes: Doorkeeper::OAuth::Scopes.new, access_token_expires_in: 2.hours, refresh_token_enabled?: false } let(:credentials) { Client::Credentials.new(client.uid, client.secret) } let(:client) { FactoryGirl.create(:application) } let(:owner) { double :owner, id: 99 } subject do PasswordAccessTokenRequest.new(server, credentials, owner) end it 'issues a new token for the client' do expect do subject.authorize end.to change { client.access_tokens.count }.by(1) end it 'issues a new token without a client' do expect do subject.credentials = nil subject.authorize end.to change { Doorkeeper::AccessToken.count }.by(1) end it 'does not issue a new token with an invalid client' do expect do subject.client = nil subject.authorize end.to_not change { Doorkeeper::AccessToken.count } expect(subject.error).to eq(:invalid_client) end it 'requires the owner' do subject.resource_owner = nil subject.validate expect(subject.error).to eq(:invalid_resource_owner) end it 'optionally accepts the client' do subject.credentials = nil expect(subject).to be_valid end describe 'with scopes' do subject do PasswordAccessTokenRequest.new(server, client, owner, scope: 'public') end it 'validates the current scope' do allow(server).to receive(:scopes).and_return(Doorkeeper::OAuth::Scopes.from_string('another')) subject.validate expect(subject.error).to eq(:invalid_scope) end it 'creates the token with scopes' do allow(server).to receive(:scopes).and_return(Doorkeeper::OAuth::Scopes.from_string('public')) expect do subject.authorize end.to change { Doorkeeper::AccessToken.count }.by(1) expect(Doorkeeper::AccessToken.last.scopes).to include('public') end end end end