Add tests for scope validation in userinfo endpoint.
This commit is contained in:
parent
03634f90e9
commit
e92308e421
1 changed files with 16 additions and 0 deletions
|
@ -75,4 +75,20 @@ class UserInfoTestCase(TestCase):
|
|||
is_header_field_ok = 'invalid_token' in response['WWW-Authenticate']
|
||||
except KeyError:
|
||||
is_header_field_ok = False
|
||||
self.assertEqual(is_header_field_ok, True)
|
||||
|
||||
def test_response_with_invalid_scope(self):
|
||||
token = self._create_token()
|
||||
|
||||
token.scope = ['otherone']
|
||||
token.save()
|
||||
|
||||
response = self._post_request(token.access_token)
|
||||
|
||||
self.assertEqual(response.status_code, 403)
|
||||
|
||||
try:
|
||||
is_header_field_ok = 'insufficient_scope' in response['WWW-Authenticate']
|
||||
except KeyError:
|
||||
is_header_field_ok = False
|
||||
self.assertEqual(is_header_field_ok, True)
|
Loading…
Reference in a new issue