X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/17bc0853a05cc392c335cc8637e901fa33dd75bd..b0ad96ebd474050bd807468b9b166c3850951e9b:/test/test_helper.rb diff --git a/test/test_helper.rb b/test/test_helper.rb index c45c73465..171028f4b 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -133,15 +133,16 @@ module ActiveSupport assert_equal a.tags, b.tags, "tags on node #{a.id}" end - ## - # return request header for HTTP Basic Authorization - def basic_authorization_header(user, pass) - { "Authorization" => format("Basic %s", :auth => Base64.encode64("#{user}:#{pass}")) } - end - ## # return request header for HTTP Bearer Authorization - def bearer_authorization_header(token) + def bearer_authorization_header(token_or_user = nil, scopes: Oauth::SCOPES) + token = case token_or_user + when nil then create(:oauth_access_token, :scopes => scopes).token + when User then create(:oauth_access_token, :resource_owner_id => token_or_user.id, :scopes => scopes).token + when Doorkeeper::AccessToken then token_or_user.token + when String then token_or_user + end + { "Authorization" => "Bearer #{token}" } end @@ -168,7 +169,7 @@ module ActiveSupport ## # Not sure this is the best response we could give def assert_inactive_user(msg = "an inactive user shouldn't be able to access the API") - assert_response :unauthorized, msg + assert_response :forbidden, msg # assert_equal @response.headers['Error'], "" end