diff options
| author | lain <lain@soykaf.club> | 2019-11-11 12:27:33 +0000 |
|---|---|---|
| committer | lain <lain@soykaf.club> | 2019-11-11 12:27:33 +0000 |
| commit | 1ca7b877a153d57f34f3d5a4b380a824d5d4b809 (patch) | |
| tree | 823110629b7f464229e16a58e455e4583e2c9d1e /test | |
| parent | 417f9a782f3a8b549c6b2493b0965e68eddc9403 (diff) | |
| parent | e1fc6cb78f07653300965d212d9c5ece9f5c3de0 (diff) | |
| download | pleroma-1ca7b877a153d57f34f3d5a4b380a824d5d4b809.tar.gz | |
Merge branch 'iss-1376' into 'develop'
Check client and token in GET /oauth/authorize
See merge request pleroma/pleroma!1940
Diffstat (limited to 'test')
| -rw-r--r-- | test/web/oauth/oauth_controller_test.exs | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/test/web/oauth/oauth_controller_test.exs b/test/web/oauth/oauth_controller_test.exs index ad8d79083..beb995cd8 100644 --- a/test/web/oauth/oauth_controller_test.exs +++ b/test/web/oauth/oauth_controller_test.exs @@ -469,6 +469,29 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do assert html_response(conn, 200) =~ ~s(type="submit") end + test "renders authentication page if user is already authenticated but user request with another client", + %{ + app: app, + conn: conn + } do + token = insert(:oauth_token, app_id: app.id) + + conn = + conn + |> put_session(:oauth_token, token.token) + |> get( + "/oauth/authorize", + %{ + "response_type" => "code", + "client_id" => "another_client_id", + "redirect_uri" => OAuthController.default_redirect_uri(app), + "scope" => "read" + } + ) + + assert html_response(conn, 200) =~ ~s(type="submit") + end + test "with existing authentication and non-OOB `redirect_uri`, redirects to app with `token` and `state` params", %{ app: app, |