test/oauth/access_grant_test.rb in rack-oauth2-server-2.0.0 vs test/oauth/access_grant_test.rb in rack-oauth2-server-2.0.1
- old
+ new
@@ -74,13 +74,14 @@
:grant_type=>"authorization_code", :code=>@code, :redirect_uri=>client.redirect_uri }.merge(changes || {})
basic_authorize params.delete(:client_id), params.delete(:client_secret)
post "/oauth/access_token", params
end
- def request_with_username_password(username, password, scope = "read write")
+ def request_with_username_password(username, password, scope = nil)
basic_authorize client.id, client.secret
- params = { :grant_type=>"password", :scope=>scope }
+ params = { :grant_type=>"password" }
+ params[:scope] = scope if scope
params[:username] = username if username
params[:password] = password if password
post "/oauth/access_token", params
end
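Review bot: Changing the default of `scope` to `nil` silently moves every existing two-argument caller of `request_with_username_password` from an explicit `read write` request onto the omitted-scope path, and the helper has no comment saying so. I would add a line above the `def` such as `# scope nil => the scope parameter is omitted and the server applies its default`. Note also that `params[:scope] = scope if scope` still sends an empty string, so an empty `scope=` is a separate case that none of the contexts visible here exercise. Whether it is covered elsewhere in the file cannot be told from this hunk.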
@@ -209,11 +210,16 @@
setup { request_with_username_password "cowbell", "less" }
should_return_error :invalid_grant
end
context "no scope specified" do
- setup { request_with_username_password "cowbell", "more", nil }
- should_respond_with_access_token nil
+ setup { request_with_username_password "cowbell", "more" }
+ should_respond_with_access_token "oauth-admin read write"
+ end
+
+ context "given scope" do
+ setup { request_with_username_password "cowbell", "more", "read" }
+ should_respond_with_access_token "read"
end
context "unsupported scope" do
setup { request_with_username_password "cowbell", "more", "read write math" }
should_return_error :invalid_scope
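Review bot: The literal `"oauth-admin read write"` in the "no scope specified" context pins a default that grants an administrative scope to a password-grant request that asked for none, and nothing in the test says why that value is expected. It is presumably the full scope registered for the test client, so a comment such as `# omitted scope => token gets the client's full registered scope, incl. oauth-admin` would make that explicit. Deriving the expectation from the client fixture instead of a literal would keep the two in step. RFC 6749 section 3.3 permits a pre-defined default scope but asks that it be documented, so this behaviour is worth stating wherever the project documents its scope handling. The "given scope" context covers narrowing to `read`, but a success case with several requested values is not visible in this hunk.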