Sha256: 96e7513e9cf1c49cf5aa71af6028d2fbb892642d571166f2bd3bbc3777e8e534

Contents?: true

Size: 1.66 KB

Versions: 16

Compression:

Stored size: 1.66 KB

Contents

require 'spec_helper_integration'

feature 'Private API' do
  background do
    @client   = FactoryGirl.create(:application)
    @resource = User.create!(:name => "Joe", :password => "sekret")
    @token    = client_is_authorized(@client, @resource)
  end

  scenario 'client requests protected resource with valid token' do
    with_access_token_header @token.token
    visit '/full_protected_resources'
    page.body.should have_content("index")
  end

  scenario 'client requests protected resource with disabled header authentication' do
    config_is_set :access_token_methods, [:from_access_token_param]
    with_access_token_header @token.token
    visit '/full_protected_resources'
    response_status_should_be 401
  end

  scenario 'client attempts to request protected resource with invalid token' do
    with_access_token_header "invalid"
    visit '/full_protected_resources'
    response_status_should_be 401
  end

  scenario 'client attempts to request protected resource with expired token' do
    @token.update_column :expires_in, -100 # expires token
    with_access_token_header @token.token
    visit '/full_protected_resources'
    response_status_should_be 401
  end

  scenario 'client requests protected resource with permanent token' do
    @token.update_column :expires_in, nil # never expires
    with_access_token_header @token.token
    visit '/full_protected_resources'
    page.body.should have_content("index")
  end

  scenario 'access token with no scopes' do
    optional_scopes_exist :admin
    @token.update_column :scopes, nil
    with_access_token_header @token.token
    visit '/full_protected_resources/1.json'
    response_status_should_be 401
  end
end

Version data entries

16 entries across 16 versions & 1 rubygems

Version Path
doorkeeper-0.7.4 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.7.3 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.7.2 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.7.1 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.7.0 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.6.7 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.6.6 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.6.5 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.6.4 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.6.3 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.6.2 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.6.1 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.6.0 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.6.0.rc1 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.5.0 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.5.0.rc1 spec/requests/protected_resources/private_api_spec.rb