diff options
author | Harrison Healey <harrisonmhealey@gmail.com> | 2018-09-14 06:32:25 -0400 |
---|---|---|
committer | George Goldberg <george@gberg.me> | 2018-09-14 11:32:25 +0100 |
commit | 8afc52975318e6bd15b8335060476d9871acea15 (patch) | |
tree | 0f1c674b04b920f5114c3850a073d3cda18e3060 /api4/oauth_test.go | |
parent | f2ddef9117712508234b85583c240cc856141980 (diff) | |
download | chat-8afc52975318e6bd15b8335060476d9871acea15.tar.gz chat-8afc52975318e6bd15b8335060476d9871acea15.tar.bz2 chat-8afc52975318e6bd15b8335060476d9871acea15.zip |
MM-10573 Add error page if user doesn't authorize Mattermost for OAuth (#9402)
Diffstat (limited to 'api4/oauth_test.go')
-rw-r--r-- | api4/oauth_test.go | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/api4/oauth_test.go b/api4/oauth_test.go index cac40e442..dcc7cc5a2 100644 --- a/api4/oauth_test.go +++ b/api4/oauth_test.go @@ -8,6 +8,7 @@ import ( "io" "io/ioutil" "net/http" + "net/http/httptest" "net/url" "strconv" "testing" @@ -18,6 +19,7 @@ import ( "github.com/mattermost/mattermost-server/einterfaces" "github.com/mattermost/mattermost-server/model" "github.com/mattermost/mattermost-server/utils" + "github.com/mattermost/mattermost-server/web" ) func TestCreateOAuthApp(t *testing.T) { @@ -1147,6 +1149,30 @@ func TestOAuthComplete(t *testing.T) { } } +func TestOAuthComplete_AccessDenied(t *testing.T) { + th := Setup().InitBasic() + defer th.TearDown() + + c := &Context{ + App: th.App, + Params: &web.Params{ + Service: "TestService", + }, + } + responseWriter := httptest.NewRecorder() + request, _ := http.NewRequest(http.MethodGet, th.App.GetSiteURL()+"/signup/TestService/complete?error=access_denied", nil) + + completeOAuth(c, responseWriter, request) + + response := responseWriter.Result() + + assert.Equal(t, http.StatusTemporaryRedirect, response.StatusCode) + + location, _ := url.Parse(response.Header.Get("Location")) + assert.Equal(t, "oauth_access_denied", location.Query().Get("type")) + assert.Equal(t, "TestService", location.Query().Get("service")) +} + func HttpGet(url string, httpClient *http.Client, authToken string, followRedirect bool) (*http.Response, *model.AppError) { rq, _ := http.NewRequest("GET", url, nil) rq.Close = true |