defmodule Pleroma.Web.OAuth.TokenTest do
use Pleroma.DataCase
+ alias Pleroma.Repo
alias Pleroma.Web.OAuth.App
alias Pleroma.Web.OAuth.Authorization
alias Pleroma.Web.OAuth.Token
- alias Pleroma.Repo
import Pleroma.Factory
- test "exchanges a auth token for an access token" do
+ test "exchanges a auth token for an access token, preserving `scopes`" do
{:ok, app} =
Repo.insert(
App.register_changeset(%App{}, %{
client_name: "client",
- scopes: "scope",
+ scopes: ["read", "write"],
redirect_uris: "url"
})
)
user = insert(:user)
- {:ok, auth} = Authorization.create_authorization(app, user)
+ {:ok, auth} = Authorization.create_authorization(app, user, ["read"])
+ assert auth.scopes == ["read"]
{:ok, token} = Token.exchange_token(app, auth)
assert token.app_id == app.id
assert token.user_id == user.id
+ assert token.scopes == auth.scopes
assert String.length(token.token) > 10
assert String.length(token.refresh_token) > 10
Repo.insert(
App.register_changeset(%App{}, %{
client_name: "client1",
- scopes: "scope",
+ scopes: ["scope"],
redirect_uris: "url"
})
)
Repo.insert(
App.register_changeset(%App{}, %{
client_name: "client2",
- scopes: "scope",
+ scopes: ["scope"],
redirect_uris: "url"
})
)
assert tokens == 2
end
+
+ test "deletes expired tokens" do
+ insert(:oauth_token, valid_until: Timex.shift(Timex.now(), days: -3))
+ insert(:oauth_token, valid_until: Timex.shift(Timex.now(), days: -3))
+ t3 = insert(:oauth_token)
+ t4 = insert(:oauth_token, valid_until: Timex.shift(Timex.now(), minutes: 10))
+ {tokens, _} = Token.delete_expired_tokens()
+ assert tokens == 2
+ available_tokens = Pleroma.Repo.all(Token)
+
+ token_ids = available_tokens |> Enum.map(& &1.id)
+ assert token_ids == [t3.id, t4.id]
+ end
end