|
|
|
@ -20,7 +20,7 @@ describe 'Using OAuth from an external app' do |
|
|
|
|
expect(page).to have_content(I18n.t('doorkeeper.authorizations.buttons.authorize')) |
|
|
|
|
|
|
|
|
|
# Upon authorizing, it redirects to the apps' callback URL |
|
|
|
|
click_on I18n.t('doorkeeper.authorizations.buttons.authorize') |
|
|
|
|
click_button I18n.t('doorkeeper.authorizations.buttons.authorize') |
|
|
|
|
expect(page).to have_current_path(/\A#{client_app.redirect_uri}/, url: true) |
|
|
|
|
|
|
|
|
|
# It grants the app access to the account |
|
|
|
@ -35,7 +35,7 @@ describe 'Using OAuth from an external app' do |
|
|
|
|
expect(page).to have_content(I18n.t('doorkeeper.authorizations.buttons.deny')) |
|
|
|
|
|
|
|
|
|
# Upon denying, it redirects to the apps' callback URL |
|
|
|
|
click_on I18n.t('doorkeeper.authorizations.buttons.deny') |
|
|
|
|
click_button I18n.t('doorkeeper.authorizations.buttons.deny') |
|
|
|
|
expect(page).to have_current_path(/\A#{client_app.redirect_uri}/, url: true) |
|
|
|
|
|
|
|
|
|
# It does not grant the app access to the account |
|
|
|
@ -63,17 +63,17 @@ describe 'Using OAuth from an external app' do |
|
|
|
|
# Failing to log-in presents the form again |
|
|
|
|
fill_in 'user_email', with: email |
|
|
|
|
fill_in 'user_password', with: 'wrong password' |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('auth.login')) |
|
|
|
|
|
|
|
|
|
# Logging in redirects to an authorization page |
|
|
|
|
fill_in 'user_email', with: email |
|
|
|
|
fill_in 'user_password', with: password |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('doorkeeper.authorizations.buttons.authorize')) |
|
|
|
|
|
|
|
|
|
# Upon authorizing, it redirects to the apps' callback URL |
|
|
|
|
click_on I18n.t('doorkeeper.authorizations.buttons.authorize') |
|
|
|
|
click_button I18n.t('doorkeeper.authorizations.buttons.authorize') |
|
|
|
|
expect(page).to have_current_path(/\A#{client_app.redirect_uri}/, url: true) |
|
|
|
|
|
|
|
|
|
# It grants the app access to the account |
|
|
|
@ -90,17 +90,17 @@ describe 'Using OAuth from an external app' do |
|
|
|
|
# Failing to log-in presents the form again |
|
|
|
|
fill_in 'user_email', with: email |
|
|
|
|
fill_in 'user_password', with: 'wrong password' |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('auth.login')) |
|
|
|
|
|
|
|
|
|
# Logging in redirects to an authorization page |
|
|
|
|
fill_in 'user_email', with: email |
|
|
|
|
fill_in 'user_password', with: password |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('doorkeeper.authorizations.buttons.authorize')) |
|
|
|
|
|
|
|
|
|
# Upon denying, it redirects to the apps' callback URL |
|
|
|
|
click_on I18n.t('doorkeeper.authorizations.buttons.deny') |
|
|
|
|
click_button I18n.t('doorkeeper.authorizations.buttons.deny') |
|
|
|
|
expect(page).to have_current_path(/\A#{client_app.redirect_uri}/, url: true) |
|
|
|
|
|
|
|
|
|
# It does not grant the app access to the account |
|
|
|
@ -120,27 +120,27 @@ describe 'Using OAuth from an external app' do |
|
|
|
|
# Failing to log-in presents the form again |
|
|
|
|
fill_in 'user_email', with: email |
|
|
|
|
fill_in 'user_password', with: 'wrong password' |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('auth.login')) |
|
|
|
|
|
|
|
|
|
# Logging in redirects to a two-factor authentication page |
|
|
|
|
fill_in 'user_email', with: email |
|
|
|
|
fill_in 'user_password', with: password |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('simple_form.hints.sessions.otp')) |
|
|
|
|
|
|
|
|
|
# Filling in an incorrect two-factor authentication code presents the form again |
|
|
|
|
fill_in 'user_otp_attempt', with: 'wrong' |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('simple_form.hints.sessions.otp')) |
|
|
|
|
|
|
|
|
|
# Filling in the correct TOTP code redirects to an app authorization page |
|
|
|
|
fill_in 'user_otp_attempt', with: user.current_otp |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('doorkeeper.authorizations.buttons.authorize')) |
|
|
|
|
|
|
|
|
|
# Upon authorizing, it redirects to the apps' callback URL |
|
|
|
|
click_on I18n.t('doorkeeper.authorizations.buttons.authorize') |
|
|
|
|
click_button I18n.t('doorkeeper.authorizations.buttons.authorize') |
|
|
|
|
expect(page).to have_current_path(/\A#{client_app.redirect_uri}/, url: true) |
|
|
|
|
|
|
|
|
|
# It grants the app access to the account |
|
|
|
@ -157,27 +157,27 @@ describe 'Using OAuth from an external app' do |
|
|
|
|
# Failing to log-in presents the form again |
|
|
|
|
fill_in 'user_email', with: email |
|
|
|
|
fill_in 'user_password', with: 'wrong password' |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('auth.login')) |
|
|
|
|
|
|
|
|
|
# Logging in redirects to a two-factor authentication page |
|
|
|
|
fill_in 'user_email', with: email |
|
|
|
|
fill_in 'user_password', with: password |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('simple_form.hints.sessions.otp')) |
|
|
|
|
|
|
|
|
|
# Filling in an incorrect two-factor authentication code presents the form again |
|
|
|
|
fill_in 'user_otp_attempt', with: 'wrong' |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('simple_form.hints.sessions.otp')) |
|
|
|
|
|
|
|
|
|
# Filling in the correct TOTP code redirects to an app authorization page |
|
|
|
|
fill_in 'user_otp_attempt', with: user.current_otp |
|
|
|
|
click_on I18n.t('auth.login') |
|
|
|
|
click_button I18n.t('auth.login') |
|
|
|
|
expect(page).to have_content(I18n.t('doorkeeper.authorizations.buttons.authorize')) |
|
|
|
|
|
|
|
|
|
# Upon denying, it redirects to the apps' callback URL |
|
|
|
|
click_on I18n.t('doorkeeper.authorizations.buttons.deny') |
|
|
|
|
click_button I18n.t('doorkeeper.authorizations.buttons.deny') |
|
|
|
|
expect(page).to have_current_path(/\A#{client_app.redirect_uri}/, url: true) |
|
|
|
|
|
|
|
|
|
# It does not grant the app access to the account |
|
|
|
|