diff options
Diffstat (limited to 'test/web/oauth')
| -rw-r--r-- | test/web/oauth/oauth_controller_test.exs | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/test/web/oauth/oauth_controller_test.exs b/test/web/oauth/oauth_controller_test.exs index ccd552258..e0d3cb55f 100644 --- a/test/web/oauth/oauth_controller_test.exs +++ b/test/web/oauth/oauth_controller_test.exs @@ -34,6 +34,31 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do assert Repo.get_by(Authorization, token: code) end + test "correctly handles wrong credentials", %{conn: conn} do + user = insert(:user) + app = insert(:oauth_app) + + result = + conn + |> post("/oauth/authorize", %{ + "authorization" => %{ + "name" => user.nickname, + "password" => "wrong", + "client_id" => app.client_id, + "redirect_uri" => app.redirect_uris, + "state" => "statepassed" + } + }) + |> html_response(:unauthorized) + + # Keep the details + assert result =~ app.client_id + assert result =~ app.redirect_uris + + # Error message + assert result =~ "Invalid" + end + test "issues a token for an all-body request" do user = insert(:user) app = insert(:oauth_app) |