Sha256: a6155fca4eb983ad4aaee1377e51d7fd43482ab6397b1e6f6dc0c4f4fecfc1ac

Contents?: true

Size: 1.4 KB

Versions: 3

Compression:

Stored size: 1.4 KB

Contents

require 'spec_helper_integration'

feature 'Private API' do
  background do
    @client   = FactoryGirl.create(:application)
    @resource = User.create!(:name => "Joe", :password => "sekret")
    @token    = client_is_authorized(@client, @resource)
  end

  scenario 'client requests protected resource with valid token' do
    with_access_token_header @token.token
    visit '/full_protected_resources'
    page.body.should have_content("index")
  end

  scenario 'client attempts to request protected resource with invalid token' do
    with_access_token_header "invalid"
    visit '/full_protected_resources'
    response_status_should_be 401
  end

  scenario 'client attempts to request protected resource with expired token' do
    @token.update_attribute :expires_in, -100 # expires token
    with_access_token_header @token.token
    visit '/full_protected_resources'
    response_status_should_be 401
  end

  scenario 'client requests protected resource with permanent token' do
    @token.update_attribute :expires_in, nil # never expires
    with_access_token_header @token.token
    visit '/full_protected_resources'
    page.body.should have_content("index")
  end

  scenario 'access token with no scopes' do
    optional_scopes_exist :admin
    @token.update_attribute :scopes, nil
    with_access_token_header @token.token
    visit '/full_protected_resources/1.json'
    response_status_should_be 401
  end
end

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
doorkeeper-0.4.2 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.4.1 spec/requests/protected_resources/private_api_spec.rb
doorkeeper-0.4.0 spec/requests/protected_resources/private_api_spec.rb