Sha256: 8e4aa79531d52ae932d420cac7f82403d82f4ee4b0028ab54d737352b2acdb72
Contents?: true
Size: 1.69 KB
Versions: 3
Compression:
Stored size: 1.69 KB
Contents
# coding: utf-8
# TODO: this flow should be configurable (letting Doorkeeper users decide if
# they want to make it available)
require 'spec_helper_integration'
feature 'Resource Owner Password Credentials Flow' do
background do
config_is_set(:resource_owner_from_credentials) { User.authenticate! params[:username], params[:password] }
client_exists
create_resource_owner
end
context 'with valid user credentials' do
scenario "should issue new token" do
expect {
post password_token_endpoint_url(:client => @client, :resource_owner => @resource_owner)
}.to change { Doorkeeper::AccessToken.count }.by(1)
token = Doorkeeper::AccessToken.first
should_have_json 'access_token', token.token
end
scenario "should issue a refresh token if enabled" do
config_is_set(:refresh_token_enabled, true)
post password_token_endpoint_url(:client => @client, :resource_owner => @resource_owner)
token = Doorkeeper::AccessToken.first
should_have_json 'refresh_token', token.refresh_token
end
end
context "with invalid user credentials" do
scenario "should not issue new token with bad password" do
expect {
post password_token_endpoint_url( :client => @client,
:resource_owner_username => @resource_owner.name,
:resource_owner_password => 'wrongpassword')
}.to_not change { Doorkeeper::AccessToken.count }
end
scenario "should not issue new token without credentials" do
expect {
post password_token_endpoint_url( :client => @client)
}.to_not change { Doorkeeper::AccessToken.count }
end
end
end
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| doorkeeper-0.4.2 | spec/requests/flows/password_spec.rb |
| doorkeeper-0.4.1 | spec/requests/flows/password_spec.rb |
| doorkeeper-0.4.0 | spec/requests/flows/password_spec.rb |