2020-02-17 22:08:54 -05:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
RSpec.describe Oauth::TokenInfoController do
|
|
|
|
describe '#show' do
|
|
|
|
context 'when the user is not authenticated' do
|
2022-01-11 10:15:55 -05:00
|
|
|
it 'responds with a 401' do
|
2020-02-17 22:08:54 -05:00
|
|
|
get :show
|
|
|
|
|
2022-01-11 10:15:55 -05:00
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
|
|
|
expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_token')
|
2020-02-17 22:08:54 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the request is valid' do
|
|
|
|
let(:application) { create(:oauth_application, scopes: 'api') }
|
|
|
|
let(:access_token) do
|
|
|
|
create(:oauth_access_token, expires_in: 5.minutes, application: application)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'responds with the token info' do
|
|
|
|
get :show, params: { access_token: access_token.token }
|
|
|
|
|
2020-03-31 17:08:05 -04:00
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
2020-04-30 14:09:38 -04:00
|
|
|
expect(Gitlab::Json.parse(response.body)).to eq(
|
2020-02-17 22:08:54 -05:00
|
|
|
'scope' => %w[api],
|
|
|
|
'scopes' => %w[api],
|
|
|
|
'created_at' => access_token.created_at.to_i,
|
|
|
|
'expires_in' => access_token.expires_in,
|
|
|
|
'application' => { 'uid' => application.uid },
|
|
|
|
'resource_owner_id' => access_token.resource_owner_id,
|
|
|
|
'expires_in_seconds' => access_token.expires_in
|
|
|
|
)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the doorkeeper_token is not recognised' do
|
2022-01-11 10:15:55 -05:00
|
|
|
it 'responds with a 401' do
|
2020-02-17 22:08:54 -05:00
|
|
|
get :show, params: { access_token: 'unknown_token' }
|
|
|
|
|
2022-01-11 10:15:55 -05:00
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
|
|
|
expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_token')
|
2020-02-17 22:08:54 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the token is expired' do
|
|
|
|
let(:access_token) do
|
|
|
|
create(:oauth_access_token, created_at: 2.days.ago, expires_in: 10.minutes)
|
|
|
|
end
|
|
|
|
|
2022-01-11 10:15:55 -05:00
|
|
|
it 'responds with a 401' do
|
2020-02-17 22:08:54 -05:00
|
|
|
get :show, params: { access_token: access_token.token }
|
|
|
|
|
2022-01-11 10:15:55 -05:00
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
|
|
|
expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_token')
|
2020-02-17 22:08:54 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the token is revoked' do
|
|
|
|
let(:access_token) { create(:oauth_access_token, revoked_at: 2.days.ago) }
|
|
|
|
|
2022-01-11 10:15:55 -05:00
|
|
|
it 'responds with a 401' do
|
2020-02-17 22:08:54 -05:00
|
|
|
get :show, params: { access_token: access_token.token }
|
|
|
|
|
2022-01-11 10:15:55 -05:00
|
|
|
expect(response).to have_gitlab_http_status(:unauthorized)
|
|
|
|
expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_token')
|
2020-02-17 22:08:54 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2020-08-05 17:09:40 -04:00
|
|
|
|
|
|
|
it 'includes Two-factor enforcement concern' do
|
|
|
|
expect(described_class.included_modules.include?(EnforcesTwoFactorAuthentication)).to eq(true)
|
|
|
|
end
|
2020-02-17 22:08:54 -05:00
|
|
|
end
|