Foodsoft/foodsoft
1
1
Fork 0
Code Issues 36 Pull requests 5 Projects 1 Releases Wiki Activity

Add OAuth scopes

Browse source 
https://github.com/foodcoops/foodsoft/issues/582#issuecomment-442513237
This commit is contained in:
wvengen 2019-02-05 20:53:02 +01:00 committed by wvengen
parent 02f1940694
commit e9be38b3e9
12 changed files with 162 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

22
spec/support/api_helper.rb
View file

@ -3,8 +3,28 @@ module ApiHelper
included do
let(:user) { create(:user) }
let(:api_access_token) { create(:oauth2_access_token, resource_owner_id: user.id).token }
let(:api_scopes) { [] } # empty scopes for stricter testing (in reality this would be default_scopes)
let(:api_access_token) { create(:oauth2_access_token, resource_owner_id: user.id, scopes: api_scopes&.join(' ')).token }
let(:api_authorization) { "Bearer #{api_access_token}" }
def self.it_handles_invalid_token(method, path, params_block = ->{ api_auth })
context 'with invalid access token' do
let(:api_access_token) { 'abc' }
it { is_expected.to validate(method, path, 401, instance_exec(&params_block)) }
end
end
def self.it_handles_invalid_scope(method, path, params_block = ->{ api_auth })
context 'with invalid scope' do
let(:api_scopes) { ['none'] }
it { is_expected.to validate(method, path, 403, instance_exec(&params_block)) }
end
end
def self.it_handles_invalid_token_and_scope(*args)
it_handles_invalid_token(*args)
it_handles_invalid_scope(*args)
end
end
# Add authentication to parameters for {Swagger::RspecHelpers#validate}