From e92308e4211441497c6dcefff5844d099d3ada06 Mon Sep 17 00:00:00 2001
From: juanifioren <juanifioren@gmail.com>
Date: Thu, 7 May 2015 16:08:12 -0300
Subject: [PATCH] Add tests for scope validation in userinfo endpoint.

---
 oidc_provider/tests/test_userinfo_endpoint.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/oidc_provider/tests/test_userinfo_endpoint.py b/oidc_provider/tests/test_userinfo_endpoint.py
index 5fe48f0..9fb92a3 100644
--- a/oidc_provider/tests/test_userinfo_endpoint.py
+++ b/oidc_provider/tests/test_userinfo_endpoint.py
@@ -75,4 +75,20 @@ class UserInfoTestCase(TestCase):
             is_header_field_ok = 'invalid_token' in response['WWW-Authenticate']
         except KeyError:
             is_header_field_ok = False
+        self.assertEqual(is_header_field_ok, True)
+
+    def test_response_with_invalid_scope(self):
+        token = self._create_token()
+
+        token.scope = ['otherone']
+        token.save()
+
+        response = self._post_request(token.access_token)
+
+        self.assertEqual(response.status_code, 403)
+
+        try:
+            is_header_field_ok = 'insufficient_scope' in response['WWW-Authenticate']
+        except KeyError:
+            is_header_field_ok = False
         self.assertEqual(is_header_field_ok, True)
\ No newline at end of file