Sha256: 8992820208737fef9e1bb844593b8a4ca90f1dea86e7c6e58aac9d0aac9346ff

Contents?: true

Size: 1.99 KB

Versions: 17

Compression:

Stored size: 1.99 KB

Contents

require 'spec_helper_integration'

# Browser-driven scenarios for the authorization endpoint when the resource
# owner refuses the client's request. Each scenario checks what is appended to
# the client's redirect URI on the error path.
feature 'Authorization Code Flow Errors' do
  background do
    # Resource owner authenticator used for these scenarios: the first User
    # record, otherwise a redirect to the sign-in page.
    config_is_set(:authenticate_resource_owner) do
      User.first || redirect_to('/sign_in')
    end
    client_exists
    create_resource_owner
    sign_in
  end

  # Runs after every scenario in this feature.
  # NOTE(review): presumably asserts that a denied request left no
  # authorization grant behind -- confirm against the helper's definition.
  after do
    access_grant_should_not_exist
  end

  context 'when access was denied' do
    # A denial must send the user back to the client with an error and
    # without an authorization code.
    scenario 'redirects with error' do
      visit(authorization_endpoint_url(client: @client))
      click_on('Deny')

      i_should_be_on_client_callback(@client)
      url_should_not_have_param('code')
      url_should_have_param('error', 'access_denied')
      url_should_have_param('error_description', translated_error_message(:access_denied))
    end

    # OAuth 2.0 clients use `state` to bind the response to the request they
    # started (CSRF protection), so it has to come back unchanged on the error
    # path as well.
    scenario 'redirects with state parameter' do
      visit(authorization_endpoint_url(client: @client, state: 'return-this'))
      click_on('Deny')

      i_should_be_on_client_callback(@client)
      url_should_not_have_param('code')
      url_should_have_param('state', 'return-this')
    end
  end
end

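# Token endpoint error handling for the authorization code grant: a code that
# was already redeemed, and a code that never existed, must both be rejected
# with `invalid_grant` and must not yield an access token.
describe 'Authorization Code Flow Errors', 'after authorization' do
  before do
    client_exists
    authorization_code_exists application: @client
  end

  # Replay check: an authorization code is single-use, so presenting it a
  # second time must fail.
  it 'returns :invalid_grant error when posting an already revoked grant code' do
    # First request redeems the code. Asserting that a token is actually issued
    # here keeps the replay check below from passing vacuously: if this request
    # were rejected for an unrelated reason, the second one would also return
    # an error and the example would still be green.
    expect do
      post token_endpoint_url(code: @authorization.token, client: @client)
    end.to change { Doorkeeper::AccessToken.count }.by(1)

    # Second attempt with the same code must not mint another token.
    expect do
      post token_endpoint_url(code: @authorization.token, client: @client)
    end.not_to change { Doorkeeper::AccessToken.count }

    should_not_have_json 'access_token'
    should_have_json 'error', 'invalid_grant'
    should_have_json 'error_description', translated_error_message('invalid_grant')
  end

  # A code value that was never issued is rejected the same way.
  it 'returns :invalid_grant error for invalid grant code' do
    post token_endpoint_url(code: 'invalid', client: @client)

    access_token_should_not_exist

    should_not_have_json 'access_token'
    should_have_json 'error', 'invalid_grant'
    should_have_json 'error_description', translated_error_message('invalid_grant')
  end
end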

Version data entries

17 entries across 17 versions & 2 rubygems

Version Path
doorkeeper-4.2.5 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-sequel-1.2.1 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-4.2.0 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-4.1.0 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-4.0.0 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-4.0.0.rc4 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-4.0.0.rc3 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-4.0.0.rc2 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-4.0.0.rc1 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-3.1.0 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-3.0.1 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-2.2.2 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-3.0.0 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-3.0.0.rc2 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-3.0.0.rc1 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-2.2.1 spec/requests/flows/authorization_code_errors_spec.rb
doorkeeper-2.2.0 spec/requests/flows/authorization_code_errors_spec.rb