mid format
parent
a7de06ef1a
commit
873b441911
1 changed files with 39 additions and 37 deletions
|
@ -499,7 +499,6 @@ test "allows access if the user has a prior authorization but is authenticated w
|
||||||
app: app,
|
app: app,
|
||||||
conn: conn
|
conn: conn
|
||||||
} do
|
} do
|
||||||
|
|
||||||
user = insert(:user)
|
user = insert(:user)
|
||||||
token = insert(:oauth_token, app: app, user: user)
|
token = insert(:oauth_token, app: app, user: user)
|
||||||
|
|
||||||
|
@ -512,14 +511,14 @@ test "allows access if the user has a prior authorization but is authenticated w
|
||||||
|> AuthHelper.put_session_token(token.token)
|
|> AuthHelper.put_session_token(token.token)
|
||||||
|> AuthHelper.put_session_user(user.id)
|
|> AuthHelper.put_session_user(user.id)
|
||||||
|> get(
|
|> get(
|
||||||
"/oauth/authorize",
|
"/oauth/authorize",
|
||||||
%{
|
%{
|
||||||
"response_type" => "code",
|
"response_type" => "code",
|
||||||
"client_id" => other_app.client_id,
|
"client_id" => other_app.client_id,
|
||||||
"redirect_uri" => OAuthController.default_redirect_uri(other_app),
|
"redirect_uri" => OAuthController.default_redirect_uri(other_app),
|
||||||
"scope" => "read"
|
"scope" => "read"
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
assert URI.decode(redirected_to(conn)) ==
|
assert URI.decode(redirected_to(conn)) ==
|
||||||
"https://other_redirect.url?code=#{authorization.token}"
|
"https://other_redirect.url?code=#{authorization.token}"
|
||||||
|
@ -530,7 +529,6 @@ test "renders login page if the user has an authorization but no token",
|
||||||
app: app,
|
app: app,
|
||||||
conn: conn
|
conn: conn
|
||||||
} do
|
} do
|
||||||
|
|
||||||
user = insert(:user)
|
user = insert(:user)
|
||||||
token = insert(:oauth_token, app: app, user: user)
|
token = insert(:oauth_token, app: app, user: user)
|
||||||
|
|
||||||
|
@ -542,14 +540,14 @@ test "renders login page if the user has an authorization but no token",
|
||||||
|> AuthHelper.put_session_token(token.token)
|
|> AuthHelper.put_session_token(token.token)
|
||||||
|> AuthHelper.put_session_user(user.id)
|
|> AuthHelper.put_session_user(user.id)
|
||||||
|> get(
|
|> get(
|
||||||
"/oauth/authorize",
|
"/oauth/authorize",
|
||||||
%{
|
%{
|
||||||
"response_type" => "code",
|
"response_type" => "code",
|
||||||
"client_id" => other_app.client_id,
|
"client_id" => other_app.client_id,
|
||||||
"redirect_uri" => OAuthController.default_redirect_uri(other_app),
|
"redirect_uri" => OAuthController.default_redirect_uri(other_app),
|
||||||
"scope" => "read"
|
"scope" => "read"
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
assert html_response(conn, 200) =~ ~s(type="submit")
|
assert html_response(conn, 200) =~ ~s(type="submit")
|
||||||
end
|
end
|
||||||
|
@ -559,7 +557,6 @@ test "does not reuse other people's tokens",
|
||||||
app: app,
|
app: app,
|
||||||
conn: conn
|
conn: conn
|
||||||
} do
|
} do
|
||||||
|
|
||||||
user = insert(:user)
|
user = insert(:user)
|
||||||
other_user = insert(:user)
|
other_user = insert(:user)
|
||||||
token = insert(:oauth_token, app: app, user: user)
|
token = insert(:oauth_token, app: app, user: user)
|
||||||
|
@ -573,14 +570,14 @@ test "does not reuse other people's tokens",
|
||||||
|> AuthHelper.put_session_token(token.token)
|
|> AuthHelper.put_session_token(token.token)
|
||||||
|> AuthHelper.put_session_user(user.id)
|
|> AuthHelper.put_session_user(user.id)
|
||||||
|> get(
|
|> get(
|
||||||
"/oauth/authorize",
|
"/oauth/authorize",
|
||||||
%{
|
%{
|
||||||
"response_type" => "code",
|
"response_type" => "code",
|
||||||
"client_id" => other_app.client_id,
|
"client_id" => other_app.client_id,
|
||||||
"redirect_uri" => OAuthController.default_redirect_uri(other_app),
|
"redirect_uri" => OAuthController.default_redirect_uri(other_app),
|
||||||
"scope" => "read"
|
"scope" => "read"
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
assert html_response(conn, 200) =~ ~s(type="submit")
|
assert html_response(conn, 200) =~ ~s(type="submit")
|
||||||
end
|
end
|
||||||
|
@ -590,27 +587,32 @@ test "does not reuse expired tokens",
|
||||||
app: app,
|
app: app,
|
||||||
conn: conn
|
conn: conn
|
||||||
} do
|
} do
|
||||||
|
|
||||||
user = insert(:user)
|
user = insert(:user)
|
||||||
token = insert(:oauth_token, app: app, user: user)
|
token = insert(:oauth_token, app: app, user: user)
|
||||||
|
|
||||||
other_app = insert(:oauth_app, redirect_uris: "https://other_redirect.url")
|
other_app = insert(:oauth_app, redirect_uris: "https://other_redirect.url")
|
||||||
_authorization = insert(:oauth_authorization, user: user, app: other_app)
|
_authorization = insert(:oauth_authorization, user: user, app: other_app)
|
||||||
_reusable_token = insert(:oauth_token, app: other_app, user: user, valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), -100))
|
|
||||||
|
_reusable_token =
|
||||||
|
insert(:oauth_token,
|
||||||
|
app: other_app,
|
||||||
|
user: user,
|
||||||
|
valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), -100)
|
||||||
|
)
|
||||||
|
|
||||||
conn =
|
conn =
|
||||||
conn
|
conn
|
||||||
|> AuthHelper.put_session_token(token.token)
|
|> AuthHelper.put_session_token(token.token)
|
||||||
|> AuthHelper.put_session_user(user.id)
|
|> AuthHelper.put_session_user(user.id)
|
||||||
|> get(
|
|> get(
|
||||||
"/oauth/authorize",
|
"/oauth/authorize",
|
||||||
%{
|
%{
|
||||||
"response_type" => "code",
|
"response_type" => "code",
|
||||||
"client_id" => other_app.client_id,
|
"client_id" => other_app.client_id,
|
||||||
"redirect_uri" => OAuthController.default_redirect_uri(other_app),
|
"redirect_uri" => OAuthController.default_redirect_uri(other_app),
|
||||||
"scope" => "read"
|
"scope" => "read"
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
assert html_response(conn, 200) =~ ~s(type="submit")
|
assert html_response(conn, 200) =~ ~s(type="submit")
|
||||||
end
|
end
|
||||||
|
|