diff options
| author | rinpatch <rinpatch@sdf.org> | 2019-03-02 06:39:07 +0000 |
|---|---|---|
| committer | rinpatch <rinpatch@sdf.org> | 2019-03-02 06:39:07 +0000 |
| commit | f38c316e6edbc88f1808a0c39488231ce17e4f35 (patch) | |
| tree | b9375def5691dd3a5b86ba9ce3f02a506a5de8b3 | |
| parent | b91a6dd85e143b6f1505a53b13b5c9d9ae6cbf8a (diff) | |
| parent | bb9e40968a90b882ba85e71a2622756e40563207 (diff) | |
| download | pleroma-f38c316e6edbc88f1808a0c39488231ce17e4f35.tar.gz | |
Merge branch 'bugfix/oauth-scopes-join' into 'develop'
Bugfix: OAuth scopes formatting
Closes #702
See merge request pleroma/pleroma!881
| -rw-r--r-- | lib/pleroma/web/oauth/oauth_controller.ex | 2 | ||||
| -rw-r--r-- | test/web/oauth/oauth_controller_test.exs | 12 |
2 files changed, 8 insertions, 6 deletions
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index b16e3b2a7..36318d69b 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -113,7 +113,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do refresh_token: token.refresh_token, created_at: DateTime.to_unix(inserted_at), expires_in: 60 * 10, - scope: Enum.join(token.scopes) + scope: Enum.join(token.scopes, " ") } json(conn, response) diff --git a/test/web/oauth/oauth_controller_test.exs b/test/web/oauth/oauth_controller_test.exs index 53d83e6e8..ed94416ff 100644 --- a/test/web/oauth/oauth_controller_test.exs +++ b/test/web/oauth/oauth_controller_test.exs @@ -165,10 +165,10 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do test "issues a token for request with HTTP basic auth client credentials" do user = insert(:user) - app = insert(:oauth_app, scopes: ["scope1", "scope2"]) + app = insert(:oauth_app, scopes: ["scope1", "scope2", "scope3"]) - {:ok, auth} = Authorization.create_authorization(app, user, ["scope2"]) - assert auth.scopes == ["scope2"] + {:ok, auth} = Authorization.create_authorization(app, user, ["scope1", "scope2"]) + assert auth.scopes == ["scope1", "scope2"] app_encoded = (URI.encode_www_form(app.client_id) <> ":" <> URI.encode_www_form(app.client_secret)) @@ -183,11 +183,13 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do "redirect_uri" => app.redirect_uris }) - assert %{"access_token" => token} = json_response(conn, 200) + assert %{"access_token" => token, "scope" => scope} = json_response(conn, 200) + + assert scope == "scope1 scope2" token = Repo.get_by(Token, token: token) assert token - assert token.scopes == ["scope2"] + assert token.scopes == ["scope1", "scope2"] end test "rejects token exchange with invalid client credentials" do |