|
|
|
@ -87,9 +87,10 @@ describe Carto::OauthProviderController do
|
|
|
|
|
|
|
|
|
|
it 'redirects with an error if requesting unknown scopes' do
|
|
|
|
|
request_endpoint(valid_payload.merge(scope: 'invalid wadus'))
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
expect(response.status).to(eq(302))
|
|
|
|
|
expect(response.location).to(start_with(@oauth_app.redirect_uris.first))
|
|
|
|
|
expect(response.location).to(include(valid_payload[:state]))
|
|
|
|
|
qs = parse_uri_parameters(response.location)
|
|
|
|
|
expect(qs['error']).to(eq('invalid_scope'))
|
|
|
|
|
end
|
|
|
|
@ -99,6 +100,7 @@ describe Carto::OauthProviderController do
|
|
|
|
|
|
|
|
|
|
expect(response.status).to(eq(302))
|
|
|
|
|
expect(response.location).to(start_with(@oauth_app.redirect_uris.first))
|
|
|
|
|
expect(response.location).to(include(valid_payload[:state]))
|
|
|
|
|
qs = parse_uri_parameters(response.location)
|
|
|
|
|
expect(qs['error']).to(eq('invalid_scope'))
|
|
|
|
|
end
|
|
|
|
@ -108,6 +110,7 @@ describe Carto::OauthProviderController do
|
|
|
|
|
|
|
|
|
|
expect(response.status).to(eq(302))
|
|
|
|
|
expect(response.location).to(start_with(@oauth_app.redirect_uris.first))
|
|
|
|
|
expect(response.location).to(include(valid_payload[:state]))
|
|
|
|
|
qs = parse_uri_parameters(response.location)
|
|
|
|
|
expect(qs['error']).to(eq('invalid_scope'))
|
|
|
|
|
end
|
|
|
|
@ -118,6 +121,7 @@ describe Carto::OauthProviderController do
|
|
|
|
|
|
|
|
|
|
expect(response.status).to(eq(302))
|
|
|
|
|
expect(response.location).to(start_with(@oauth_app.redirect_uris.first))
|
|
|
|
|
expect(response.location).to(include(valid_payload[:state]))
|
|
|
|
|
qs = parse_uri_parameters(response.location)
|
|
|
|
|
expect(qs['error']).to(eq('invalid_scope'))
|
|
|
|
|
end
|
|
|
|
@ -127,6 +131,7 @@ describe Carto::OauthProviderController do
|
|
|
|
|
|
|
|
|
|
expect(response.status).to(eq(302))
|
|
|
|
|
expect(response.location).to(start_with(@oauth_app.redirect_uris.first))
|
|
|
|
|
expect(response.location).to(include(valid_payload[:state]))
|
|
|
|
|
qs = parse_uri_parameters(response.location)
|
|
|
|
|
expect(qs['error']).to(eq('invalid_scope'))
|
|
|
|
|
end
|
|
|
|
@ -136,6 +141,7 @@ describe Carto::OauthProviderController do
|
|
|
|
|
|
|
|
|
|
expect(response.status).to(eq(302))
|
|
|
|
|
expect(response.location).to(start_with(@oauth_app.redirect_uris.first))
|
|
|
|
|
expect(response.location).to(include(valid_payload[:state]))
|
|
|
|
|
qs = parse_uri_parameters(response.location)
|
|
|
|
|
expect(qs['error']).to(eq('invalid_request'))
|
|
|
|
|
expect(qs['error_description']).to(eq('The redirect_uri must match the redirect_uri param used in the authorization request'))
|
|
|
|
|