- post_via_redirect "/login",
- :username => client.user.email, :password => "test"
- assert_response :success
+ session_for(user)
+
+ oauth10_without_callback(client)
+ oauth10_with_callback(client, "http://another.web.app.example.org/callback")
+ oauth10_refused(client)
+ end
+
+ def test_oauth10_desktop_app
+ client = create(:client_application, :allow_read_prefs => true, :allow_write_api => true, :allow_read_gpx => true)
+ user = create(:user)
+
+ session_for(user)
+
+ oauth10_without_callback(client)
+ oauth10_refused(client)
+ end
+
+ def test_oauth10a_web_app
+ client = create(:client_application, :callback_url => "http://some.web.app.example.org/callback", :allow_read_prefs => true, :allow_write_api => true, :allow_read_gpx => true)
+ user = create(:user)
+
+ session_for(user)
+
+ oauth10a_without_callback(client)
+ oauth10a_with_callback(client, "http://another.web.app.example.org/callback")
+ oauth10a_refused(client)
+ end
+
+ def test_oauth10a_desktop_app
+ client = create(:client_application, :allow_read_prefs => true, :allow_write_api => true, :allow_read_gpx => true)
+ user = create(:user)
+
+ session_for(user)
+
+ oauth10a_without_callback(client)
+ oauth10a_refused(client)
+ end
+
+ private
+
+ def oauth10_without_callback(client)
+ token = get_request_token(client)