diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-01-11 18:15:55 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-01-11 18:15:55 +0300 |
commit | a8281ac43424e4b820286823bdb48f068b21d7d3 (patch) | |
tree | f8064c724e33f22402ecc4bd0a8c23ea01e6eac1 /spec/controllers/oauth | |
parent | 22391da1261240ecc15aa15cbb19b089339902b5 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/controllers/oauth')
-rw-r--r-- | spec/controllers/oauth/token_info_controller_spec.rb | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/spec/controllers/oauth/token_info_controller_spec.rb b/spec/controllers/oauth/token_info_controller_spec.rb index 6d01a534673..b66fff4d4e9 100644 --- a/spec/controllers/oauth/token_info_controller_spec.rb +++ b/spec/controllers/oauth/token_info_controller_spec.rb @@ -5,11 +5,11 @@ require 'spec_helper' RSpec.describe Oauth::TokenInfoController do describe '#show' do context 'when the user is not authenticated' do - it 'responds with a 400' do + it 'responds with a 401' do get :show - expect(response).to have_gitlab_http_status(:bad_request) - expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_request') + expect(response).to have_gitlab_http_status(:unauthorized) + expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_token') end end @@ -36,11 +36,11 @@ RSpec.describe Oauth::TokenInfoController do end context 'when the doorkeeper_token is not recognised' do - it 'responds with a 400' do + it 'responds with a 401' do get :show, params: { access_token: 'unknown_token' } - expect(response).to have_gitlab_http_status(:bad_request) - expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_request') + expect(response).to have_gitlab_http_status(:unauthorized) + expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_token') end end @@ -49,22 +49,22 @@ RSpec.describe Oauth::TokenInfoController do create(:oauth_access_token, created_at: 2.days.ago, expires_in: 10.minutes) end - it 'responds with a 400' do + it 'responds with a 401' do get :show, params: { access_token: access_token.token } - expect(response).to have_gitlab_http_status(:bad_request) - expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_request') + expect(response).to have_gitlab_http_status(:unauthorized) + expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_token') end end context 'when the token is revoked' do let(:access_token) { create(:oauth_access_token, revoked_at: 2.days.ago) } - it 'responds with a 400' do + it 'responds with a 401' do get :show, params: { access_token: access_token.token } - expect(response).to have_gitlab_http_status(:bad_request) - expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_request') + expect(response).to have_gitlab_http_status(:unauthorized) + expect(Gitlab::Json.parse(response.body)).to include('error' => 'invalid_token') end end end |