Merge branch 'bugfix/oauth-scopes-join' into 'develop'
Bugfix: OAuth scopes formatting Closes #702 See merge request pleroma/pleroma!881
This commit is contained in:
commit
f38c316e6e
@ -113,7 +113,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
|||||||
refresh_token: token.refresh_token,
|
refresh_token: token.refresh_token,
|
||||||
created_at: DateTime.to_unix(inserted_at),
|
created_at: DateTime.to_unix(inserted_at),
|
||||||
expires_in: 60 * 10,
|
expires_in: 60 * 10,
|
||||||
scope: Enum.join(token.scopes)
|
scope: Enum.join(token.scopes, " ")
|
||||||
}
|
}
|
||||||
|
|
||||||
json(conn, response)
|
json(conn, response)
|
||||||
|
@ -165,10 +165,10 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
|
|||||||
|
|
||||||
test "issues a token for request with HTTP basic auth client credentials" do
|
test "issues a token for request with HTTP basic auth client credentials" do
|
||||||
user = insert(:user)
|
user = insert(:user)
|
||||||
app = insert(:oauth_app, scopes: ["scope1", "scope2"])
|
app = insert(:oauth_app, scopes: ["scope1", "scope2", "scope3"])
|
||||||
|
|
||||||
{:ok, auth} = Authorization.create_authorization(app, user, ["scope2"])
|
{:ok, auth} = Authorization.create_authorization(app, user, ["scope1", "scope2"])
|
||||||
assert auth.scopes == ["scope2"]
|
assert auth.scopes == ["scope1", "scope2"]
|
||||||
|
|
||||||
app_encoded =
|
app_encoded =
|
||||||
(URI.encode_www_form(app.client_id) <> ":" <> URI.encode_www_form(app.client_secret))
|
(URI.encode_www_form(app.client_id) <> ":" <> URI.encode_www_form(app.client_secret))
|
||||||
@ -183,11 +183,13 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
|
|||||||
"redirect_uri" => app.redirect_uris
|
"redirect_uri" => app.redirect_uris
|
||||||
})
|
})
|
||||||
|
|
||||||
assert %{"access_token" => token} = json_response(conn, 200)
|
assert %{"access_token" => token, "scope" => scope} = json_response(conn, 200)
|
||||||
|
|
||||||
|
assert scope == "scope1 scope2"
|
||||||
|
|
||||||
token = Repo.get_by(Token, token: token)
|
token = Repo.get_by(Token, token: token)
|
||||||
assert token
|
assert token
|
||||||
assert token.scopes == ["scope2"]
|
assert token.scopes == ["scope1", "scope2"]
|
||||||
end
|
end
|
||||||
|
|
||||||
test "rejects token exchange with invalid client credentials" do
|
test "rejects token exchange with invalid client credentials" do
|
||||||
|
Loading…
Reference in New Issue
Block a user