+ def oauth10a_refused(client)
+ token = get_request_token(client, :oauth_callback => "oob")
+
+ post "/oauth/authorize", :oauth_token => token.token
+ assert_response :success
+ assert_template :authorize_failure
+ assert_select "p", "You have denied application #{client.name} access to your account."
+ token.reload
+ assert_nil token.authorized_at
+ assert_not_nil token.invalidated_at
+
+ post "/oauth/authorize", :oauth_token => token.token
+ assert_response :success
+ assert_template :authorize_failure
+ assert_select "p", "The authorization token is not valid."
+ token.reload
+ assert_nil token.authorized_at
+ assert_not_nil token.invalidated_at
+ end
+