More client credentials test

2024-11-08 21:52:24 +05:30 · 2015-04-05 18:18:09 +01:00 · 2015-04-05 18:18:09 +01:00 · 775d42115a
commit 775d42115a
parent f3705865a3
5 changed files with 66 additions and 1 deletions
--- a/tests/api/ClientCredentialsCept.php
+++ b/tests/api/ClientCredentialsCept.php
@ -2,7 +2,7 @@
 $I = new ApiTester($scenario);
 $I->wantTo('get an access token using the client credentials grant');
 $I->sendPOST(
-    'access_token',
+    'client_credentials.php/access_token',
    [
        'grant_type'    => 'client_credentials',
        'client_id'     => 'myawesomeapp',
--- a/tests/api/ClientCredentialsInvalidClientIdCept.php
+++ b/tests/api/ClientCredentialsInvalidClientIdCept.php
@ -0,0 +1,17 @@
+<?php
+$I = new ApiTester($scenario);
+$I->wantTo('get an access token using the client credentials grant, invalid client id');
+$I->sendPOST(
+    'client_credentials.php/access_token',
+    [
+        'grant_type'    => 'client_credentials',
+        'client_id'     => 'myawesomeapp-wrong',
+        'client_secret' => 'foobar'
+    ]
+);
+$I->canSeeResponseCodeIs(401);
+$I->canSeeResponseIsJson();
+$I->seeResponseContainsJson([
+    'error'   => 'invalid_client',
+    'message' => 'Client authentication failed.'
+]);
--- a/tests/api/ClientCredentialsInvalidClientSecretCept.php
+++ b/tests/api/ClientCredentialsInvalidClientSecretCept.php
@ -0,0 +1,17 @@
+<?php
+$I = new ApiTester($scenario);
+$I->wantTo('get an access token using the client credentials grant, invalid client secret');
+$I->sendPOST(
+    'client_credentials.php/access_token',
+    [
+        'grant_type'    => 'client_credentials',
+        'client_id'     => 'myawesomeapp',
+        'client_secret' => 'foobar'
+    ]
+);
+$I->canSeeResponseCodeIs(401);
+$I->canSeeResponseIsJson();
+$I->seeResponseContainsJson([
+    'error'   => 'invalid_client',
+    'message' => 'Client authentication failed.'
+]);
--- a/tests/api/ClientCredentialsMissingClientIdCept.php
+++ b/tests/api/ClientCredentialsMissingClientIdCept.php
@ -0,0 +1,15 @@
+<?php
+$I = new ApiTester($scenario);
+$I->wantTo('get an access token using the client credentials grant, missing client id');
+$I->sendPOST(
+    'client_credentials.php/access_token',
+    [
+        'grant_type' => 'client_credentials'
+    ]
+);
+$I->canSeeResponseCodeIs(400);
+$I->canSeeResponseIsJson();
+$I->seeResponseContainsJson([
+    'error'   => 'invalid_request',
+    'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "client_id" parameter.'
+]);
--- a/tests/api/ClientCredentialsMissingClientSecretCept.php
+++ b/tests/api/ClientCredentialsMissingClientSecretCept.php
@ -0,0 +1,16 @@
+<?php
+$I = new ApiTester($scenario);
+$I->wantTo('get an access token using the client credentials grant, missing client secret');
+$I->sendPOST(
+    'client_credentials.php/access_token',
+    [
+        'grant_type' => 'client_credentials',
+        'client_id'  => 'myawesomeapp'
+    ]
+);
+$I->canSeeResponseCodeIs(400);
+$I->canSeeResponseIsJson();
+$I->seeResponseContainsJson([
+    'error'   => 'invalid_request',
+    'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "client_secret" parameter.'
+]);