Commit f38c316e authored by rinpatch's avatar rinpatch
Browse files

Merge branch 'bugfix/oauth-scopes-join' into 'develop'

Bugfix: OAuth scopes formatting

Closes #702

See merge request pleroma/pleroma!881
parents b91a6dd8 bb9e4096
Pipeline #8425 passed with stages
in 3 minutes and 20 seconds
......@@ -113,7 +113,7 @@ def token_exchange(conn, %{"grant_type" => "authorization_code"} = params) do
refresh_token: token.refresh_token,
created_at: DateTime.to_unix(inserted_at),
expires_in: 60 * 10,
scope: Enum.join(token.scopes)
scope: Enum.join(token.scopes, " ")
}
json(conn, response)
......
......@@ -165,10 +165,10 @@ test "issues a token for `password` grant_type with valid credentials, with full
test "issues a token for request with HTTP basic auth client credentials" do
user = insert(:user)
app = insert(:oauth_app, scopes: ["scope1", "scope2"])
app = insert(:oauth_app, scopes: ["scope1", "scope2", "scope3"])
{:ok, auth} = Authorization.create_authorization(app, user, ["scope2"])
assert auth.scopes == ["scope2"]
{:ok, auth} = Authorization.create_authorization(app, user, ["scope1", "scope2"])
assert auth.scopes == ["scope1", "scope2"]
app_encoded =
(URI.encode_www_form(app.client_id) <> ":" <> URI.encode_www_form(app.client_secret))
......@@ -183,11 +183,13 @@ test "issues a token for request with HTTP basic auth client credentials" do
"redirect_uri" => app.redirect_uris
})
assert %{"access_token" => token} = json_response(conn, 200)
assert %{"access_token" => token, "scope" => scope} = json_response(conn, 200)
assert scope == "scope1 scope2"
token = Repo.get_by(Token, token: token)
assert token
assert token.scopes == ["scope2"]
assert token.scopes == ["scope1", "scope2"]
end
test "rejects token exchange with invalid client credentials" do
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment