コード例 #1
0
 def test_creating_a_token_disallowed_scope(self):
     """
     Test creating an access token when specifying a scope that the app hasn't been assigned.
     """
     app_and_scope = OAuthApplicationScopeFactory(scopes=[
         TestScope.test_scope_1,
     ])
     app = app_and_scope.application
     client = APIClient()
     client.credentials(HTTP_AUTHORIZATION=_create_auth_header(
         app.client_id, app.client_secret), )
     data = {
         'grant_type': 'client_credentials',
         'scope': TestScope.test_scope_2.value,
     }
     url = reverse('token')
     response = client.post(
         url,
         data=urlencode(data),
         content_type='application/x-www-form-urlencoded',
     )
     assert response.status_code == status.HTTP_401_UNAUTHORIZED
     assert response.json() == {
         'error': 'invalid_scope',
     }
コード例 #2
0
 def test_creating_a_token_default_scope(self):
     """Test creating an access token with default application scopes."""
     app_and_scope = OAuthApplicationScopeFactory(
         scopes=[TestScope.test_scope_1])
     app = app_and_scope.application
     client = APIClient()
     client.credentials(HTTP_AUTHORIZATION=_create_auth_header(
         app.client_id, app.client_secret), )
     data = {'grant_type': 'client_credentials'}
     url = reverse('token')
     response = client.post(
         url,
         data=urlencode(data),
         content_type='application/x-www-form-urlencoded',
     )
     assert response.status_code == status.HTTP_200_OK
     assert response.json()['scope'] == TestScope.test_scope_1