
oauth_test_controller_test.exs (1265B)


# Pleroma: A lightweight social networking server
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only

      5 defmodule Pleroma.Tests.OAuthTestControllerTest do
      6   use Pleroma.Web.ConnCase
      7 
      8   import Pleroma.Factory
      9 
     10   setup %{conn: conn} do
     11     user = insert(:user)
     12     conn = assign(conn, :user, user)
     13     %{conn: conn, user: user}
     14   end
     15 
     16   test "missed_oauth", %{conn: conn} do
     17     res =
     18       conn
     19       |> get("/test/authenticated_api/missed_oauth")
     20       |> json_response(403)
     21 
     22     assert res ==
     23              %{
     24                "error" =>
     25                  "Security violation: OAuth scopes check was neither handled nor explicitly skipped."
     26              }
     27   end
     28 
     29   test "skipped_oauth", %{conn: conn} do
     30     conn
     31     |> assign(:token, nil)
     32     |> get("/test/authenticated_api/skipped_oauth")
     33     |> json_response(200)
     34   end
     35 
     36   test "performed_oauth", %{user: user} do
     37     %{conn: good_token_conn} = oauth_access(["read"], user: user)
     38 
     39     good_token_conn
     40     |> get("/test/authenticated_api/performed_oauth")
     41     |> json_response(200)
     42 
     43     %{conn: bad_token_conn} = oauth_access(["follow"], user: user)
     44 
     45     bad_token_conn
     46     |> get("/test/authenticated_api/performed_oauth")
     47     |> json_response(403)
     48   end
     49 end