test/oauth/access_grant_test.rb in rack-oauth2-server-2.0.1 vs test/oauth/access_grant_test.rb in rack-oauth2-server-2.1.0

- old
+ new

@@ -67,10 +67,18 @@ authorization = last_response.body[/authorization:\s*(\S+)/, 1] post "/oauth/grant", :authorization=>authorization @code = Rack::Utils.parse_query(URI.parse(last_response["Location"]).query)["code"] end + def request_none(scope = nil) + basic_authorize client.id, client.secret + # Note: This grant_type becomes "client_credentials" in version 11 of the OAuth 2.0 spec + params = { :grant_type=>"none", :scope=>"read write" } + params[:scope] = scope if scope + post "/oauth/access_token", params + end + def request_access_token(changes = nil) params = { :client_id=>client.id, :client_secret=>client.secret, :scope=>"read write", :grant_type=>"authorization_code", :code=>@code, :redirect_uri=>client.redirect_uri }.merge(changes || {}) basic_authorize params.delete(:client_id), params.delete(:client_secret) post "/oauth/access_token", params @@ -132,11 +140,10 @@ context "unsupported grant type" do setup { request_access_token :grant_type=>"bogus" } should_return_error :unsupported_grant_type end - # 4.1.1. Authorization Code context "no authorization code" do setup { request_access_token :code=>nil } should_return_error :invalid_grant @@ -248,9 +255,14 @@ teardown { config.authenticator = @old } end # 4.2. Access Token Response + + context "using none" do + setup { request_none } + should_respond_with_access_token "read write" + end context "using authorization code" do setup { request_access_token } should_respond_with_access_token "read write" end
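Review bot: `request_none` in the first hunk always calls `basic_authorize client.id, client.secret`, so the new grant type can only be exercised with valid client credentials. This grant issues a token on client authentication alone, with no authorization code or resource-owner step, so the rejected-credentials path is the one most worth being able to test. Consider accepting overrides the way `request_access_token(changes = nil)` does, or an optional argument such as `def request_none(scope = nil, secret = client.secret)` paired with `basic_authorize client.id, secret`. As a smaller style point, the scope default could fold into the literal as `:scope=>scope || "read write"` instead of the follow-up assignment.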
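Review bot: The `using none` context in the third hunk asserts only the success case, and the `scope` argument that `request_none` accepts is not passed by any caller visible on this page. No resource owner approves this grant, so the server's check of the requested scope against the client's registration is the main limit on what the issued token can do. A sibling context with `setup { request_none "<scope the client is not registered for>" }` and `should_return_error :invalid_scope` would pin that behaviour, assuming the server reports the failure with that error code. The rest of the file is not visible here, so this may already be covered elsewhere.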