X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/bd1bf189fb67eb1f56bafe4c39d05cc7b4aea472..95e1aff23493b3725d5259bcca7bcc79d7d3bc26:/test/test_helper.rb?ds=inline diff --git a/test/test_helper.rb b/test/test_helper.rb index 1d04f57da..171028f4b 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -133,53 +133,17 @@ module ActiveSupport assert_equal a.tags, b.tags, "tags on node #{a.id}" end - ## - # return request header for HTTP Basic Authorization - def basic_authorization_header(user, pass) - { "Authorization" => format("Basic %s", :auth => Base64.encode64("#{user}:#{pass}")) } - end - ## # return request header for HTTP Bearer Authorization - def bearer_authorization_header(token) - { "Authorization" => "Bearer #{token}" } - end - - ## - # make an OAuth signed request - def signed_request(method, uri, options = {}) - uri = URI.parse(uri) - uri.scheme ||= "http" - uri.host ||= "www.example.com" - - oauth = options.delete(:oauth) - params = options.fetch(:params, {}).transform_keys(&:to_s) - - oauth[:consumer] ||= oauth[:token].client_application - - helper = OAuth::Client::Helper.new(nil, oauth) + def bearer_authorization_header(token_or_user = nil, scopes: Oauth::SCOPES) + token = case token_or_user + when nil then create(:oauth_access_token, :scopes => scopes).token + when User then create(:oauth_access_token, :resource_owner_id => token_or_user.id, :scopes => scopes).token + when Doorkeeper::AccessToken then token_or_user.token + when String then token_or_user + end - request = OAuth::RequestProxy.proxy( - "method" => method.to_s.upcase, - "uri" => uri, - "parameters" => params.merge(helper.oauth_parameters) - ) - - request.sign!(oauth) - - method(method).call(request.signed_uri, **options) - end - - ## - # make an OAuth signed GET request - def signed_get(uri, options = {}) - signed_request(:get, uri, options) - end - - ## - # make an OAuth signed POST request - def signed_post(uri, options = {}) - signed_request(:post, uri, options) + { "Authorization" => "Bearer #{token}" } end ## @@ -205,7 +169,7 @@ module ActiveSupport ## # Not sure this is the best response we could give def assert_inactive_user(msg = "an inactive user shouldn't be able to access the API") - assert_response :unauthorized, msg + assert_response :forbidden, msg # assert_equal @response.headers['Error'], "" end