diff options
| author | Ivan Tashkinov <ivantashkinov@gmail.com> | 2018-12-18 17:13:52 +0300 |
|---|---|---|
| committer | Ivan Tashkinov <ivantashkinov@gmail.com> | 2018-12-18 17:22:46 +0300 |
| commit | b096e30cffc79a4adf12be88da412a290cd0d190 (patch) | |
| tree | b7f827b07911eacf731f289da54d73128c1e7cf2 /test/web/oauth/oauth_controller_test.exs | |
| parent | aed0f902871524ecc1db0d8c088ce5939e7c685a (diff) | |
| download | pleroma-b096e30cffc79a4adf12be88da412a290cd0d190.tar.gz pleroma-b096e30cffc79a4adf12be88da412a290cd0d190.zip | |
[#114] Added email confirmation resend action. Added tests
for registration, authentication, email confirmation, confirmation resending.
Made admin methods create confirmed users.
Diffstat (limited to 'test/web/oauth/oauth_controller_test.exs')
| -rw-r--r-- | test/web/oauth/oauth_controller_test.exs | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/test/web/oauth/oauth_controller_test.exs b/test/web/oauth/oauth_controller_test.exs index 3a902f128..55b471d8a 100644 --- a/test/web/oauth/oauth_controller_test.exs +++ b/test/web/oauth/oauth_controller_test.exs @@ -50,6 +50,26 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do assert Repo.get_by(Token, token: token) end + test "issues a token for `password` grant_type with valid credentials" do + password = "testpassword" + user = insert(:user, password_hash: Comeonin.Pbkdf2.hashpwsalt(password)) + + app = insert(:oauth_app) + + conn = + build_conn() + |> post("/oauth/token", %{ + "grant_type" => "password", + "username" => user.nickname, + "password" => password, + "client_id" => app.client_id, + "client_secret" => app.client_secret + }) + + assert %{"access_token" => token} = json_response(conn, 200) + assert Repo.get_by(Token, token: token) + end + test "issues a token for request with HTTP basic auth client credentials" do user = insert(:user) app = insert(:oauth_app) @@ -93,6 +113,36 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do refute Map.has_key?(resp, "access_token") end + test "rejects token exchange for valid credentials belonging to unconfirmed user" do + password = "testpassword" + user = insert(:user, password_hash: Comeonin.Pbkdf2.hashpwsalt(password)) + info_change = Pleroma.User.Info.confirmation_update(user.info, :unconfirmed) + + {:ok, user} = + user + |> Ecto.Changeset.change() + |> Ecto.Changeset.put_embed(:info, info_change) + |> Repo.update() + + refute Pleroma.User.auth_active?(user) + + app = insert(:oauth_app) + + conn = + build_conn() + |> post("/oauth/token", %{ + "grant_type" => "password", + "username" => user.nickname, + "password" => password, + "client_id" => app.client_id, + "client_secret" => app.client_secret + }) + + assert resp = json_response(conn, 403) + assert %{"error" => _} = resp + refute Map.has_key?(resp, "access_token") + end + test "rejects an invalid authorization code" do app = insert(:oauth_app) |