Merge branch 'bugfix/oauth-scopes-join' into 'develop'

Bugfix: OAuth scopes formatting Closes #702 See merge request pleroma/pleroma!881
2019-03-02 06:39:07 +00:00 · 2019-03-02 06:39:07 +00:00 · f38c316e6e
parent b91a6dd85e bb9e40968a
commit f38c316e6e
2 changed files with 8 additions and 6 deletions
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@ -113,7 +113,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
        refresh_token: token.refresh_token,
        created_at: DateTime.to_unix(inserted_at),
        expires_in: 60 * 10,
-        scope: Enum.join(token.scopes)
+        scope: Enum.join(token.scopes, " ")
      }

      json(conn, response)
--- a/test/web/oauth/oauth_controller_test.exs
+++ b/test/web/oauth/oauth_controller_test.exs
@ -165,10 +165,10 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do

  test "issues a token for request with HTTP basic auth client credentials" do
    user = insert(:user)
-    app = insert(:oauth_app, scopes: ["scope1", "scope2"])
+    app = insert(:oauth_app, scopes: ["scope1", "scope2", "scope3"])

-    {:ok, auth} = Authorization.create_authorization(app, user, ["scope2"])
-    assert auth.scopes == ["scope2"]
+    {:ok, auth} = Authorization.create_authorization(app, user, ["scope1", "scope2"])
+    assert auth.scopes == ["scope1", "scope2"]

    app_encoded =
      (URI.encode_www_form(app.client_id) <> ":" <> URI.encode_www_form(app.client_secret))
@ -183,11 +183,13 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
        "redirect_uri" => app.redirect_uris
      })

-    assert %{"access_token" => token} = json_response(conn, 200)
+    assert %{"access_token" => token, "scope" => scope} = json_response(conn, 200)
+
+    assert scope == "scope1 scope2"

    token = Repo.get_by(Token, token: token)
    assert token
-    assert token.scopes == ["scope2"]
+    assert token.scopes == ["scope1", "scope2"]
  end

  test "rejects token exchange with invalid client credentials" do