+ for {user, expected_scopes} <- %{
+ non_admin => ["read:subscope", "write"],
+ admin => ["read:subscope", "write", "admin"]
+ } do
+ conn =
+ build_conn()
+ |> post("/oauth/authorize", %{
+ "authorization" => %{
+ "name" => user.nickname,
+ "password" => "test",
+ "client_id" => app.client_id,
+ "redirect_uri" => redirect_uri,
+ "scope" => "read:subscope write admin",
+ "state" => "statepassed"
+ }
+ })
+
+ target = redirected_to(conn)
+ assert target =~ redirect_uri