test/oauth/authorization_test.rb in rack-oauth2-server-1.3.1 vs test/oauth/authorization_test.rb in rack-oauth2-server-1.4.0
@@ -19,15 +19,15 @@
assert_equal "bring this back", Rack::Utils.parse_query(URI.parse(last_response["Location"]).query)["state"]
end
end
def should_ask_user_for_authorization(&block)
- should "should inform user about client" do
+ should "inform user about client" do
response = last_response.body.split("\n").inject({}) { |h,l| n,v = l.split(/:\s*/) ; h[n.downcase] = v ; h }
assert_equal "UberClient", response["client"]
end
- should "should inform user about scope" do
+ should "inform user about scope" do
response = last_response.body.split("\n").inject({}) { |h,l| n,v = l.split(/:\s*/) ; h[n.downcase] = v ; h }
assert_equal "read, write", response["scope"]
end
end
@@ -42,11 +42,15 @@
def request_authorization(changes = nil)
get "/oauth/authorize?" + Rack::Utils.build_query(@params.merge(changes || {}))
end
+ def authorization
+ last_response.body[/authorization:\s*(\S+)/, 1]
+ end
+
# Checks before we request user for authorization.
# 3.2. Error Response
context "no redirect URI" do
setup { request_authorization :redirect_uri=>nil }
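Review bot: `authorization` returns nil when the body carries no `authorization:` line, and the grant/deny setups in the code and token flows and the "with authorization request" setup then pass that nil straight into the next request, so a server that stops echoing the handle shows up as a confusing redirect or status assertion rather than a clear failure at the point of extraction. Failing fast in the helper keeps the later assertions meaningful: `last_response.body[/authorization:\s*(\S+)/, 1] || raise("no authorization handle in response body")`. A one-line comment would also help, since this helper is the only place the test states how the handle travels: `# Authorization handle echoed in the last response body; grant/deny posts must send it back.` The helper also extracts by regex what should_ask_user_for_authorization extracts with its split/inject one-liners; the two could share a single body-parsing helper.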
@@ -115,22 +119,29 @@
request_authorization :scope=>"read write math"
end
should_redirect_with_error :invalid_scope
end
+ context "immediately denied" do
+ setup do
+ request_authorization :scope=>"time-travel"
+ end
+ should_redirect_with_error :access_denied
+ end
+
# 3.1. Authorization Response
context "expecting authorization code" do
setup do
@params[:response_type] = "code"
request_authorization
end
should_ask_user_for_authorization
context "and granted" do
- setup { post "/oauth/grant" }
+ setup { post "/oauth/grant", :authorization=>authorization }
should "redirect" do
assert_equal 302, last_response.status
end
should "redirect back to client" do
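Review bot: The grant and deny posts now carry the `authorization` handle, which is what ties the user's decision to the pending request, but none of the contexts shown exercises the negative side: a post to `/oauth/grant` with the parameter missing, or with a handle that does not match the pending request, asserting that the client is not redirected back with a code. That case is the one that pins the check the new parameter introduces, so a sibling of the "and granted" context posting `post "/oauth/grant"` alone (and one with a constructed stale value) and asserting the absence of `code` in the redirect would be worth adding; the same applies to the deny posts here and to the grant/deny contexts of the token flow below. The "immediately denied" context also deserves a line on why `time-travel` ends in `:access_denied` while `read write math` just above ends in `:invalid_scope` — presumably one is a scope the client is not permitted and the other an unknown scope — e.g. `# scope the client may not request: refused before the user is asked` to be confirmed against the client fixture. The enclosing "expecting authorization code" context continues past this hunk.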
@@ -155,11 +166,11 @@
end
end
end
context "and denied" do
- setup { post "/oauth/deny" }
+ setup { post "/oauth/deny", :authorization=>authorization }
should "redirect" do
assert_equal 302, last_response.status
end
should "redirect back to client" do
@@ -193,11 +204,11 @@
request_authorization
end
should_ask_user_for_authorization
context "and granted" do
- setup { post "/oauth/grant" }
+ setup { post "/oauth/grant", :authorization=>authorization }
should "redirect" do
assert_equal 302, last_response.status
end
should "redirect back to client" do
@@ -222,11 +233,11 @@
end
end
end
context "and denied" do
- setup { post "/oauth/deny" }
+ setup { post "/oauth/deny", :authorization=>authorization }
should "redirect" do
assert_equal 302, last_response.status
end
should "redirect back to client" do
@@ -234,11 +245,11 @@
assert_equal "uberclient.dot", uri.host
assert_equal "/callback", uri.path
end
context "redirect URL" do
- setup { @return = Rack::Utils.parse_query(URI.parse(last_response["Location"]).query) }
+ setup { @return = Rack::Utils.parse_query(URI.parse(last_response["Location"]).fragment) }
should "not include authorization code" do
assert !@return["code"]
end
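Review bot: `URI#fragment` is nil when the Location carries no fragment, and in the Rack versions I know `Rack::Utils.parse_query(nil)` yields an empty hash rather than raising (it splits `qs || ''`), so `assert !@return["code"]` passes just as well when the server never moved the error into the fragment at all. Unless a later should in this context asserts on `@return["error"]` (not visible here), the setup should pin the presence of the fragment, e.g. `setup { @fragment = URI.parse(last_response["Location"]).fragment; @return = Rack::Utils.parse_query(@fragment) }` followed by `should "carry the error in the fragment" do assert @fragment end`. The "redirect URL" context continues past this hunk.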
@@ -257,11 +268,10 @@
# Using existing authorization request
context "with authorization request" do
setup do
request_authorization
- response = last_response.body.split("\n").inject({}) { |h,l| n,v = l.split(/:\s*/) ; h[n.downcase] = v ; h }
- get "/oauth/authorize?" + Rack::Utils.build_query(:authorization=>response["authorization"])
+ get "/oauth/authorize?" + Rack::Utils.build_query(:authorization=>authorization)
end
should_ask_user_for_authorization
end