From eacab0fb056ffc018b7e0abea27db7af435dc553 Mon Sep 17 00:00:00 2001
From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
Date: Sun, 14 Oct 2018 01:45:11 +0200
Subject: Delete Tokens and Authorizations on password change

Closes: https://git.pleroma.social/pleroma/pleroma/issues/320
---
 test/web/oauth/authorization_test.exs | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'test/web/oauth/authorization_test.exs')

diff --git a/test/web/oauth/authorization_test.exs b/test/web/oauth/authorization_test.exs
index 4a9e2a3ac..98c7c4133 100644
--- a/test/web/oauth/authorization_test.exs
+++ b/test/web/oauth/authorization_test.exs
@@ -55,4 +55,26 @@ defmodule Pleroma.Web.OAuth.AuthorizationTest do
 
     assert {:error, "token expired"} == Authorization.use_token(expired_auth)
   end
+
+  test "delete authorizations" do
+    {:ok, app} =
+      Repo.insert(
+        App.register_changeset(%App{}, %{
+          client_name: "client",
+          scopes: "scope",
+          redirect_uris: "url"
+        })
+      )
+
+    user = insert(:user)
+
+    {:ok, auth} = Authorization.create_authorization(app, user)
+    {:ok, auth} = Authorization.use_token(auth)
+
+    {auths, _} = Authorization.delete_user_authorizations(user)
+
+    {_, invalid} = Authorization.use_token(auth)
+
+    assert auth != invalid
+  end
 end
-- 
cgit v1.2.3