Sha256: 8a705105252386066756300c0ed2fed4c40e44e348a5bed0e5d98a91e2ba3875
Contents?: true
Size: 1.8 KB
Versions: 4
Compression:
Stored size: 1.8 KB
Contents
require 'spec_helper_integration'
describe 'Client Credentials Request' do
let(:client) { FactoryBot.create :application }
context 'a valid request' do
it 'authorizes the client and returns the token response' do
headers = authorization client.uid, client.secret
params = { grant_type: 'client_credentials' }
post '/oauth/token', params, headers
should_have_json 'access_token', Doorkeeper::AccessToken.first.token
should_have_json_within 'expires_in', Doorkeeper.configuration.access_token_expires_in, 1
should_not_have_json 'scope'
should_not_have_json 'refresh_token'
should_not_have_json 'error'
should_not_have_json 'error_description'
end
context 'with scopes' do
before do
optional_scopes_exist :write
end
it 'adds the scope to the token an returns in the response' do
headers = authorization client.uid, client.secret
params = { grant_type: 'client_credentials', scope: 'write' }
post '/oauth/token', params, headers
should_have_json 'access_token', Doorkeeper::AccessToken.first.token
should_have_json 'scope', 'write'
end
end
end
context 'an invalid request' do
it 'does not authorize the client and returns the error' do
headers = {}
params = { grant_type: 'client_credentials' }
post '/oauth/token', params, headers
should_have_json 'error', 'invalid_client'
should_have_json 'error_description', translated_error_message(:invalid_client)
should_not_have_json 'access_token'
expect(response.status).to eq(401)
end
end
def authorization(username, password)
credentials = ActionController::HttpAuthentication::Basic.encode_credentials username, password
{ 'HTTP_AUTHORIZATION' => credentials }
end
end
Version data entries
4 entries across 4 versions & 3 rubygems