about summary refs log tree commit diff
path: root/spec/controllers/api/v1/apps
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2017-09-30 22:05:42 +0200
committerGitHub <noreply@github.com>2017-09-30 22:05:42 +0200
commiteb605141ffb95290c5a537802ea418e6e45bf95f (patch)
treec09b15c974ad54ab03acfc650f83e8e73d8b139f /spec/controllers/api/v1/apps
parent1e1d7887577ce5e2b1ceb0c1d08578ca173d5f5f (diff)
Fix #5104 - GET /api/v1/apps/verify_credentials to confirm app works (#5112)
Diffstat (limited to 'spec/controllers/api/v1/apps')
-rw-r--r--spec/controllers/api/v1/apps/credentials_controller_spec.rb43
1 files changed, 43 insertions, 0 deletions
diff --git a/spec/controllers/api/v1/apps/credentials_controller_spec.rb b/spec/controllers/api/v1/apps/credentials_controller_spec.rb
new file mode 100644
index 000000000..38f2a4e10
--- /dev/null
+++ b/spec/controllers/api/v1/apps/credentials_controller_spec.rb
@@ -0,0 +1,43 @@
+require 'rails_helper'
+
+describe Api::V1::Apps::CredentialsController do
+  render_views
+
+  let(:token) { Fabricate(:accessible_access_token, scopes: 'read', application: Fabricate(:application)) }
+
+  context 'with an oauth token' do
+    before do
+      allow(controller).to receive(:doorkeeper_token) { token }
+    end
+
+    describe 'GET #show' do
+      before do
+        get :show
+      end
+
+      it 'returns http success' do
+        expect(response).to have_http_status(:success)
+      end
+
+      it 'does not contain client credentials' do
+        json = body_as_json
+
+        expect(json).to_not have_key(:client_secret)
+        expect(json).to_not have_key(:client_id)
+      end
+    end
+  end
+
+  context 'without an oauth token' do
+    before do
+      allow(controller).to receive(:doorkeeper_token) { nil }
+    end
+
+    describe 'GET #show' do
+      it 'returns http unauthorized' do
+        get :show
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+  end
+end