rack-oauth2 0.2.3 → 0.3.0.alpha
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Gemfile +1 -0
- data/README.rdoc +1 -0
- data/VERSION +1 -1
- data/lib/rack/oauth2.rb +1 -7
- data/lib/rack/oauth2/server.rb +0 -1
- data/lib/rack/oauth2/server/abstract.rb +2 -1
- data/lib/rack/oauth2/server/abstract/error.rb +55 -0
- data/lib/rack/oauth2/server/abstract/handler.rb +2 -3
- data/lib/rack/oauth2/server/abstract/request.rb +2 -3
- data/lib/rack/oauth2/server/abstract/response.rb +0 -5
- data/lib/rack/oauth2/server/authorize.rb +19 -14
- data/lib/rack/oauth2/server/authorize/code.rb +8 -19
- data/lib/rack/oauth2/server/authorize/error.rb +60 -0
- data/lib/rack/oauth2/server/authorize/token.rb +15 -24
- data/lib/rack/oauth2/server/resource.rb +1 -79
- data/lib/rack/oauth2/server/resource/bearer.rb +74 -0
- data/lib/rack/oauth2/server/resource/bearer/error.rb +80 -0
- data/lib/rack/oauth2/server/token.rb +12 -19
- data/lib/rack/oauth2/server/token/authorization_code.rb +4 -5
- data/lib/rack/oauth2/server/token/error.rb +54 -0
- data/lib/rack/oauth2/server/token/password.rb +0 -2
- data/lib/rack/oauth2/server/token/refresh_token.rb +1 -1
- data/lib/rack/oauth2/server/util.rb +29 -0
- data/rack-oauth2.gemspec +1 -1
- data/spec/rack/oauth2/server/abstract/error_spec.rb +51 -0
- data/spec/rack/oauth2/server/authorize/code_spec.rb +42 -28
- data/spec/rack/oauth2/server/authorize/error_spec.rb +103 -0
- data/spec/rack/oauth2/server/authorize/token_spec.rb +55 -26
- data/spec/rack/oauth2/server/authorize_spec.rb +24 -68
- data/spec/rack/oauth2/server/resource/bearer/error_spec.rb +118 -0
- data/spec/rack/oauth2/server/resource/bearer_spec.rb +117 -0
- data/spec/rack/oauth2/server/token/authorization_code_spec.rb +26 -109
- data/spec/rack/oauth2/server/token/error_spec.rb +77 -0
- data/spec/rack/oauth2/server/token/password_spec.rb +27 -47
- data/spec/rack/oauth2/server/token/refresh_token_spec.rb +22 -43
- data/spec/rack/oauth2/server/token_spec.rb +77 -116
- data/spec/rack/oauth2/server/util_spec.rb +75 -16
- data/spec/spec_helper.rb +0 -12
- metadata +25 -29
- data/lib/rack/oauth2/server/authorize/code_and_token.rb +0 -62
- data/lib/rack/oauth2/server/error.rb +0 -73
- data/lib/rack/oauth2/server/error/authorize.rb +0 -54
- data/lib/rack/oauth2/server/error/resource.rb +0 -50
- data/lib/rack/oauth2/server/error/token.rb +0 -59
- data/lib/rack/oauth2/server/token/assertion.rb +0 -29
- data/spec/rack/oauth2/server/authorize/code_and_token_spec.rb +0 -53
- data/spec/rack/oauth2/server/error/authorize_spec.rb +0 -102
- data/spec/rack/oauth2/server/error/resource_spec.rb +0 -69
- data/spec/rack/oauth2/server/error/token_spec.rb +0 -115
- data/spec/rack/oauth2/server/error_spec.rb +0 -107
- data/spec/rack/oauth2/server/resource_spec.rb +0 -141
- data/spec/rack/oauth2/server/token/assertion_spec.rb +0 -56
@@ -0,0 +1,117 @@
|
|
1
|
+
require 'spec_helper.rb'
|
2
|
+
|
3
|
+
describe Rack::OAuth2::Server::Resource::Bearer do
|
4
|
+
let(:app) do
|
5
|
+
Rack::OAuth2::Server::Resource::Bearer.new(simple_app) do |request|
|
6
|
+
case request.access_token
|
7
|
+
when 'valid_token'
|
8
|
+
# nothing to do
|
9
|
+
when 'insufficient_scope_token'
|
10
|
+
request.insufficient_scope!
|
11
|
+
else
|
12
|
+
request.invalid_token!
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
16
|
+
let(:access_token) { env[Rack::OAuth2::Server::Resource::Bearer::ACCESS_TOKEN] }
|
17
|
+
let(:request) { app.call(env) }
|
18
|
+
subject { app.call(env) }
|
19
|
+
|
20
|
+
shared_examples_for :non_oauth2_request do
|
21
|
+
it 'should skip OAuth 2.0 authentication' do
|
22
|
+
status, header, response = request
|
23
|
+
status.should == 200
|
24
|
+
access_token.should be_nil
|
25
|
+
end
|
26
|
+
end
|
27
|
+
shared_examples_for :authenticated_request do
|
28
|
+
it 'should be authenticated' do
|
29
|
+
status, header, response = request
|
30
|
+
status.should == 200
|
31
|
+
access_token.should == 'valid_token'
|
32
|
+
end
|
33
|
+
end
|
34
|
+
shared_examples_for :unauthorized_request do
|
35
|
+
it 'should be unauthorized' do
|
36
|
+
status, header, response = request
|
37
|
+
status.should == 401
|
38
|
+
header['WWW-Authenticate'].should include 'Bearer'
|
39
|
+
access_token.should be_nil
|
40
|
+
end
|
41
|
+
end
|
42
|
+
shared_examples_for :bad_request do
|
43
|
+
it 'should be unauthorized' do
|
44
|
+
status, header, response = request
|
45
|
+
status.should == 400
|
46
|
+
access_token.should be_nil
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
context 'when no access token is given' do
|
51
|
+
let(:env) { Rack::MockRequest.env_for('/protected_resource') }
|
52
|
+
it_behaves_like :non_oauth2_request
|
53
|
+
end
|
54
|
+
|
55
|
+
context 'when valid_token is given' do
|
56
|
+
context 'when token is in Authorization header' do
|
57
|
+
let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'Bearer valid_token') }
|
58
|
+
it_behaves_like :authenticated_request
|
59
|
+
end
|
60
|
+
|
61
|
+
context 'when token is in params' do
|
62
|
+
let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:oauth_token => 'valid_token'}) }
|
63
|
+
it_behaves_like :authenticated_request
|
64
|
+
end
|
65
|
+
end
|
66
|
+
|
67
|
+
context 'when invalid_token is given' do
|
68
|
+
context 'when token is in Authorization header' do
|
69
|
+
let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'Bearer invalid_token') }
|
70
|
+
it_behaves_like :unauthorized_request
|
71
|
+
end
|
72
|
+
|
73
|
+
context 'when token is in params' do
|
74
|
+
let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:oauth_token => 'invalid_token'}) }
|
75
|
+
it_behaves_like :unauthorized_request
|
76
|
+
end
|
77
|
+
end
|
78
|
+
|
79
|
+
context 'when multiple access_token is given' do
|
80
|
+
context 'when token is in Authorization header and params' do
|
81
|
+
let(:env) do
|
82
|
+
Rack::MockRequest.env_for(
|
83
|
+
'/protected_resource',
|
84
|
+
'HTTP_AUTHORIZATION' => 'Bearer valid_token',
|
85
|
+
:params => {:oauth_token => 'valid_token'}
|
86
|
+
)
|
87
|
+
end
|
88
|
+
it_behaves_like :bad_request
|
89
|
+
end
|
90
|
+
end
|
91
|
+
|
92
|
+
context 'when OAuth 1.0 request' do
|
93
|
+
context 'when token is in Authorization header' do
|
94
|
+
let(:env) do
|
95
|
+
Rack::MockRequest.env_for(
|
96
|
+
'/protected_resource',
|
97
|
+
'HTTP_AUTHORIZATION' => 'OAuth oauth_consumer_key="key" oauth_token="token" oauth_signature_method="HMAC-SHA1" oauth_signature="sig" oauth_timestamp="123456789" oauth_nonce="nonce"'
|
98
|
+
)
|
99
|
+
end
|
100
|
+
it_behaves_like :non_oauth2_request
|
101
|
+
end
|
102
|
+
|
103
|
+
context 'when token is in params' do
|
104
|
+
let(:env) do
|
105
|
+
Rack::MockRequest.env_for('/protected_resource', :params => {
|
106
|
+
:oauth_consumer_key => 'key',
|
107
|
+
:oauth_token => 'token',
|
108
|
+
:oauth_signature_method => 'HMAC-SHA1',
|
109
|
+
:oauth_signature => 'sig',
|
110
|
+
:oauth_timestamp => 123456789,
|
111
|
+
:oauth_nonce => 'nonce'
|
112
|
+
})
|
113
|
+
end
|
114
|
+
it_behaves_like :non_oauth2_request
|
115
|
+
end
|
116
|
+
end
|
117
|
+
end
|
@@ -1,119 +1,36 @@
|
|
1
1
|
require 'spec_helper.rb'
|
2
2
|
|
3
3
|
describe Rack::OAuth2::Server::Token::AuthorizationCode do
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
@app = Rack::OAuth2::Server::Token.new(simple_app) do |request, response|
|
9
|
-
response.access_token = "access_token"
|
10
|
-
end
|
11
|
-
@request = Rack::MockRequest.new @app
|
4
|
+
let(:request) { Rack::MockRequest.new app }
|
5
|
+
let(:app) do
|
6
|
+
Rack::OAuth2::Server::Token.new do |request, response|
|
7
|
+
response.access_token = 'access_token'
|
12
8
|
end
|
13
|
-
|
14
|
-
it "should return access_token as json response body" do
|
15
|
-
response = @request.post("/", :params => {
|
16
|
-
:grant_type => "authorization_code",
|
17
|
-
:client_id => "valid_client",
|
18
|
-
:code => "valid_authorization_code",
|
19
|
-
:redirect_uri => "http://client.example.com/callback"
|
20
|
-
})
|
21
|
-
response.status.should == 200
|
22
|
-
response.content_type.should == "application/json"
|
23
|
-
response.body.should == {
|
24
|
-
:access_token => "access_token"
|
25
|
-
}.to_json
|
26
|
-
end
|
27
|
-
|
28
9
|
end
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
@request = Rack::MockRequest.new @app
|
37
|
-
end
|
38
|
-
|
39
|
-
it "should return error message as json response body" do
|
40
|
-
response = @request.post("/", :params => {
|
41
|
-
:grant_type => "authorization_code",
|
42
|
-
:client_id => "valid_client",
|
43
|
-
:code => "invalid_authorization_code",
|
44
|
-
:redirect_uri => "http://client.example.com/callback"
|
45
|
-
})
|
46
|
-
response.status.should == 400
|
47
|
-
response.content_type.should == "application/json"
|
48
|
-
response.body.should == {
|
49
|
-
:error => :invalid_grant,
|
50
|
-
:error_description => "Invalid authorization code."
|
51
|
-
}.to_json
|
52
|
-
end
|
53
|
-
|
10
|
+
let(:params) do
|
11
|
+
{
|
12
|
+
:grant_type => 'authorization_code',
|
13
|
+
:client_id => 'client_id',
|
14
|
+
:code => 'authorization_code',
|
15
|
+
:redirect_uri => 'http://client.example.com/callback'
|
16
|
+
}
|
54
17
|
end
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
18
|
+
subject { request.post('/', :params => params) }
|
19
|
+
|
20
|
+
its(:status) { should == 200 }
|
21
|
+
its(:content_type) { should == 'application/json' }
|
22
|
+
its(:body) { should == '{"access_token":"access_token"}' }
|
23
|
+
|
24
|
+
[:code, :redirect_uri].each do |required|
|
25
|
+
context "when #{required} is missing" do
|
26
|
+
before do
|
27
|
+
params.delete_if do |key, value|
|
28
|
+
key == required
|
29
|
+
end
|
61
30
|
end
|
62
|
-
|
31
|
+
its(:status) { should == 400 }
|
32
|
+
its(:content_type) { should == 'application/json' }
|
33
|
+
its(:body) { should include '"error":"invalid_request"' }
|
63
34
|
end
|
64
|
-
|
65
|
-
context "when client credentials is given via Authorization header" do
|
66
|
-
it "should return 401 error" do
|
67
|
-
response = @request.post("/", :params => {
|
68
|
-
:grant_type => "authorization_code",
|
69
|
-
:code => "valid_authorization_code",
|
70
|
-
:redirect_uri => "http://client.example.com/callback"
|
71
|
-
}, 'HTTP_AUTHORIZATION' => "Basic #{["invalid_client_id:client_secret"].pack("m*")}")
|
72
|
-
response.status.should == 401
|
73
|
-
response.content_type.should == "application/json"
|
74
|
-
response.body.should == {
|
75
|
-
:error => :invalid_client,
|
76
|
-
:error_description => "Invalid client identifier."
|
77
|
-
}.to_json
|
78
|
-
end
|
79
|
-
end
|
80
|
-
|
81
|
-
context "when client credentials is given via request body" do
|
82
|
-
it "should return 400 error" do
|
83
|
-
response = @request.post("/", :params => {
|
84
|
-
:grant_type => "authorization_code",
|
85
|
-
:client_id => "invalid_client",
|
86
|
-
:code => "valid_authorization_code",
|
87
|
-
:redirect_uri => "http://client.example.com/callback"
|
88
|
-
})
|
89
|
-
response.status.should == 400
|
90
|
-
response.content_type.should == "application/json"
|
91
|
-
response.body.should == {
|
92
|
-
:error => :invalid_client,
|
93
|
-
:error_description => "Invalid client identifier."
|
94
|
-
}.to_json
|
95
|
-
end
|
96
|
-
end
|
97
|
-
|
98
|
-
context "when client credentials is given via both Authorization header and request body" do
|
99
|
-
it "should return 401 error with multiple credentials error message" do
|
100
|
-
response = @request.post("/", :params => {
|
101
|
-
:grant_type => "authorization_code",
|
102
|
-
:client_id => "invalid_client",
|
103
|
-
:code => "valid_authorization_code",
|
104
|
-
:redirect_uri => "http://client.example.com/callback"
|
105
|
-
}, 'HTTP_AUTHORIZATION' => "Basic #{["invalid_client_id:client_secret"].pack("m*")}")
|
106
|
-
response.status.should == 401
|
107
|
-
response.content_type.should == "application/json"
|
108
|
-
response.body.should == {
|
109
|
-
:error => :invalid_client,
|
110
|
-
:error_description => "Multiple client credentials are provided."
|
111
|
-
}.to_json
|
112
|
-
end
|
113
|
-
# TODO
|
114
|
-
|
115
|
-
end
|
116
|
-
|
117
35
|
end
|
118
|
-
|
119
36
|
end
|
@@ -0,0 +1,77 @@
|
|
1
|
+
require 'spec_helper.rb'
|
2
|
+
|
3
|
+
describe Rack::OAuth2::Server::Token::BadRequest do
|
4
|
+
let(:error) { Rack::OAuth2::Server::Token::BadRequest.new(:invalid_request) }
|
5
|
+
|
6
|
+
it { should be_a Rack::OAuth2::Server::Abstract::BadRequest }
|
7
|
+
|
8
|
+
describe '#finish' do
|
9
|
+
it 'should respond in JSON' do
|
10
|
+
status, header, response = error.finish
|
11
|
+
status.should == 400
|
12
|
+
header['Content-Type'].should == 'application/json'
|
13
|
+
response.body.should == ['{"error":"invalid_request"}']
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
describe Rack::OAuth2::Server::Token::Unauthorized do
|
19
|
+
let(:error) { Rack::OAuth2::Server::Token::Unauthorized.new(:invalid_request) }
|
20
|
+
|
21
|
+
it { should be_a Rack::OAuth2::Server::Abstract::Unauthorized }
|
22
|
+
|
23
|
+
describe '#finish' do
|
24
|
+
it 'should respond in JSON' do
|
25
|
+
status, header, response = error.finish
|
26
|
+
status.should == 401
|
27
|
+
header['Content-Type'].should == 'application/json'
|
28
|
+
header['WWW-Authenticate'].should == 'Basic realm="OAuth2 Token Endpoint"'
|
29
|
+
response.body.should == ['{"error":"invalid_request"}']
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
describe Rack::OAuth2::Server::Token::ErrorMethods do
|
35
|
+
let(:bad_request) { Rack::OAuth2::Server::Token::BadRequest }
|
36
|
+
let(:unauthorized) { Rack::OAuth2::Server::Token::Unauthorized }
|
37
|
+
let(:redirect_uri) { 'http://client.example.com/callback' }
|
38
|
+
let(:default_description) { Rack::OAuth2::Server::Token::ErrorMethods::DEFAULT_DESCRIPTION }
|
39
|
+
let(:env) { Rack::MockRequest.env_for("/authorize?client_id=client_id") }
|
40
|
+
let(:request) { Rack::OAuth2::Server::Token::Request.new env }
|
41
|
+
|
42
|
+
describe 'bad_request!' do
|
43
|
+
it do
|
44
|
+
expect { request.bad_request! :invalid_request }.should raise_error bad_request
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
describe 'unauthorized!' do
|
49
|
+
it do
|
50
|
+
expect { request.unauthorized! :invalid_client }.should raise_error unauthorized
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
Rack::OAuth2::Server::Token::ErrorMethods::DEFAULT_DESCRIPTION.keys.each do |error_code|
|
55
|
+
method = "#{error_code}!"
|
56
|
+
case error_code
|
57
|
+
when :invalid_client
|
58
|
+
describe method do
|
59
|
+
it "should raise Rack::OAuth2::Server::Token::Unauthorized with error = :#{error_code}" do
|
60
|
+
expect { request.send method }.should raise_error(unauthorized) { |error|
|
61
|
+
error.error.should == error_code
|
62
|
+
error.description.should == default_description[error_code]
|
63
|
+
}
|
64
|
+
end
|
65
|
+
end
|
66
|
+
else
|
67
|
+
describe method do
|
68
|
+
it "should raise Rack::OAuth2::Server::Token::BadRequest with error = :#{error_code}" do
|
69
|
+
expect { request.send method }.should raise_error(bad_request) { |error|
|
70
|
+
error.error.should == error_code
|
71
|
+
error.description.should == default_description[error_code]
|
72
|
+
}
|
73
|
+
end
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
@@ -1,56 +1,36 @@
|
|
1
1
|
require 'spec_helper.rb'
|
2
2
|
|
3
3
|
describe Rack::OAuth2::Server::Token::Password do
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
@app = Rack::OAuth2::Server::Token.new(simple_app) do |request, response|
|
9
|
-
response.access_token = "access_token"
|
10
|
-
end
|
11
|
-
@request = Rack::MockRequest.new @app
|
4
|
+
let(:request) { Rack::MockRequest.new app }
|
5
|
+
let(:app) do
|
6
|
+
Rack::OAuth2::Server::Token.new do |request, response|
|
7
|
+
response.access_token = 'access_token'
|
12
8
|
end
|
13
|
-
|
14
|
-
it "should return access_token as json response body" do
|
15
|
-
response = @request.post("/", :params => {
|
16
|
-
:grant_type => "password",
|
17
|
-
:client_id => "valid_client",
|
18
|
-
:username => "nov",
|
19
|
-
:password => "valid_pass"
|
20
|
-
})
|
21
|
-
response.status.should == 200
|
22
|
-
response.content_type.should == "application/json"
|
23
|
-
response.body.should == {
|
24
|
-
:access_token => "access_token"
|
25
|
-
}.to_json
|
26
|
-
end
|
27
|
-
|
28
9
|
end
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
10
|
+
let(:params) do
|
11
|
+
{
|
12
|
+
:grant_type => 'password',
|
13
|
+
:client_id => 'client_id',
|
14
|
+
:username => 'nov',
|
15
|
+
:password => 'secret'
|
16
|
+
}
|
17
|
+
end
|
18
|
+
subject { request.post('/', :params => params) }
|
19
|
+
|
20
|
+
its(:status) { should == 200 }
|
21
|
+
its(:content_type) { should == 'application/json' }
|
22
|
+
its(:body) { should == '{"access_token":"access_token"}' }
|
23
|
+
|
24
|
+
[:username, :password].each do |required|
|
25
|
+
context "when #{required} is missing" do
|
26
|
+
before do
|
27
|
+
params.delete_if do |key, value|
|
28
|
+
key == required
|
29
|
+
end
|
35
30
|
end
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
it "should return error message as json response body" do
|
40
|
-
response = @request.post("/", :params => {
|
41
|
-
:grant_type => "password",
|
42
|
-
:client_id => "valid_client",
|
43
|
-
:username => "nov",
|
44
|
-
:password => "invalid_pass"
|
45
|
-
})
|
46
|
-
response.status.should == 400
|
47
|
-
response.content_type.should == "application/json"
|
48
|
-
response.body.should == {
|
49
|
-
:error => :invalid_grant,
|
50
|
-
:error_description => "Invalid resource owner credentials."
|
51
|
-
}.to_json
|
31
|
+
its(:status) { should == 400 }
|
32
|
+
its(:content_type) { should == 'application/json' }
|
33
|
+
its(:body) { should include '"error":"invalid_request"' }
|
52
34
|
end
|
53
|
-
|
54
35
|
end
|
55
|
-
|
56
36
|
end
|
@@ -1,54 +1,33 @@
|
|
1
1
|
require 'spec_helper.rb'
|
2
2
|
|
3
3
|
describe Rack::OAuth2::Server::Token::RefreshToken do
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
@app = Rack::OAuth2::Server::Token.new(simple_app) do |request, response|
|
9
|
-
response.access_token = "access_token"
|
10
|
-
end
|
11
|
-
@request = Rack::MockRequest.new @app
|
12
|
-
end
|
13
|
-
|
14
|
-
it "should return access_token as json response body" do
|
15
|
-
response = @request.post("/", :params => {
|
16
|
-
:grant_type => "refresh_token",
|
17
|
-
:client_id => "valid_client",
|
18
|
-
:refresh_token => "valid_refresh_token"
|
19
|
-
})
|
20
|
-
response.status.should == 200
|
21
|
-
response.content_type.should == "application/json"
|
22
|
-
response.body.should == {
|
23
|
-
:access_token => "access_token"
|
24
|
-
}.to_json
|
4
|
+
let(:request) { Rack::MockRequest.new app }
|
5
|
+
let(:app) do
|
6
|
+
Rack::OAuth2::Server::Token.new do |request, response|
|
7
|
+
response.access_token = 'access_token'
|
25
8
|
end
|
26
|
-
|
27
9
|
end
|
10
|
+
let(:params) do
|
11
|
+
{
|
12
|
+
:grant_type => "refresh_token",
|
13
|
+
:client_id => "client_id",
|
14
|
+
:refresh_token => "refresh_token"
|
15
|
+
}
|
16
|
+
end
|
17
|
+
subject { request.post('/', :params => params) }
|
28
18
|
|
29
|
-
|
19
|
+
its(:status) { should == 200 }
|
20
|
+
its(:content_type) { should == 'application/json' }
|
21
|
+
its(:body) { should == '{"access_token":"access_token"}' }
|
30
22
|
|
23
|
+
context 'when refresh_token is missing' do
|
31
24
|
before do
|
32
|
-
|
33
|
-
|
25
|
+
params.delete_if do |key, value|
|
26
|
+
key == :refresh_token
|
34
27
|
end
|
35
|
-
@request = Rack::MockRequest.new @app
|
36
|
-
end
|
37
|
-
|
38
|
-
it "should return error message as json response body" do
|
39
|
-
response = @request.post("/", :params => {
|
40
|
-
:grant_type => "refresh_token",
|
41
|
-
:client_id => "valid_client",
|
42
|
-
:refresh_token => "invalid_refresh_token"
|
43
|
-
})
|
44
|
-
response.status.should == 400
|
45
|
-
response.content_type.should == "application/json"
|
46
|
-
response.body.should == {
|
47
|
-
:error => :invalid_grant,
|
48
|
-
:error_description => "Invalid refresh_token."
|
49
|
-
}.to_json
|
50
28
|
end
|
51
|
-
|
29
|
+
its(:status) { should == 400 }
|
30
|
+
its(:content_type) { should == 'application/json' }
|
31
|
+
its(:body) { should include '"error":"invalid_request"' }
|
52
32
|
end
|
53
|
-
|
54
|
-
end
|
33
|
+
end
|