Reorganize OAuth endpoints Change-Id: I691d8b819fa1109bdb7f758800044e55150ffcb2

commit: 041ca4d57b6e54305bbeb06b89c3481575b553e8 [log] [tgz]
author: Akron <nils@diewald-online.de> Thu Jun 10 11:52:51 2021 +0200
committer: Akron <nils@diewald-online.de> Fri Jun 11 12:29:17 2021 +0200
tree: 9a09be89de2ac298474dfca1af1e886a4f6e9e14
parent: c1aaf933978d870fd9f06bd84ac70019c2ac5e9b [diff]
diff --git a/t/plugin/auth-oauth.t b/t/plugin/auth-oauth.t
index 4bdfe54..a531bc5 100644
--- a/t/plugin/auth-oauth.t
+++ b/t/plugin/auth-oauth.t

@@ -474,25 +474,23 @@
   ->text_is('ul.client-list > li > span.client-url a', '')
   ;
 
-$t->get_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==')
+$t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==')
   ->status_is(200)
   ->text_is('ul.client-list > li.client > span.client-name', 'MyApp')
   ->text_is('ul.client-list > li.client > span.client-desc', 'This is my application')
   ->text_is('a.client-unregister', 'Unregister')
-  ->attr_is('a.client-unregister', 'href', '/settings/oauth/unregister/fCBbQkA2NDA3MzM1Yw==?name=MyApp')
+  ->attr_is('a.client-unregister', 'href', '/settings/oauth/fCBbQkA2NDA3MzM1Yw==/unregister?name=MyApp')
   ;
 
-$csrf = $t->get_ok('/settings/oauth/unregister/fCBbQkA2NDA3MzM1Yw==?name=MyApp')
+$csrf = $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/unregister?name=MyApp')
   ->content_like(qr!Do you really want to unregister \<span class="client-name"\>MyApp\<\/span\>?!)
-  ->attr_is('.form-table input[name=client-id]', 'value', 'fCBbQkA2NDA3MzM1Yw==')
   ->attr_is('.form-table input[name=client-name]', 'value', 'MyApp')
   ->tx->res->dom->at('input[name="csrf_token"]')
   ->attr('value')
   ;
 
-$t->post_ok('/settings/oauth/unregister' => form => {
+$t->post_ok('/settings/oauth/xxxx==/unregister' => form => {
   'client-name' => 'MyApp',
-  'client-id' => 'xxxx==',
   'csrf_token' => $csrf
 })->status_is(302)
   ->content_is('')
@@ -506,9 +504,8 @@
   ->text_is('div.notify', 'Unknown client with xxxx==.')
   ;
 
-$t->post_ok('/settings/oauth/unregister' => form => {
+$t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/unregister' => form => {
   'client-name' => 'MyApp',
-  'client-id' => 'fCBbQkA2NDA3MzM1Yw==',
   'csrf_token' => $csrf
 })->status_is(302)
   ->content_is('')
@@ -535,93 +532,93 @@
   ->element_exists_not('input[name=client_secret][readonly][value]')
   ;
 
-$t->get_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==')
+$t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==')
   ->text_is('.client-name', 'MyApp2')
   ->text_is('.client-desc', 'This is my application')
   ->text_is('.client-issue-token', 'IssueToken')
-  ->attr_is('.client-issue-token', 'href', '/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==/token/issue?name=MyApp2')
+  ->attr_is('.client-issue-token', 'href', '/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?name=MyApp2')
   ;
 
-$csrf = $t->get_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==/token/issue?name=MyApp2')
+$csrf = $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?name=MyApp2')
   ->status_is(200)
-  ->attr_is('#issue-token','action', '/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==/token')
+  ->attr_is('#issue-token','action', '/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token')
   ->attr_is('input[name=client-id]', 'value', 'fCBbQkA2NDA3MzM1Yw==')
   ->attr_is('input[name=name]', 'value', 'MyApp2')
   ->tx->res->dom->at('input[name="csrf_token"]')
   ->attr('value')
   ;
 
-$t->post_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==/token' => form => {
+$t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token' => form => {
   csrf_token => $csrf,
   name => 'MyApp2',
   'client-id' => 'fCBbQkA2NDA3MzM1Yw=='
 })
   ->status_is(302)
-  ->header_is('Location','/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==')
+  ->header_is('Location','/settings/oauth/fCBbQkA2NDA3MzM1Yw==')
   ;
 
-
-$t->get_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==')
+$t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==')
+  ->status_is(200)
   ->text_is('div.notify-success', 'New access token created')
   ;
 
-$csrf = $t->get_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==')
+$csrf = $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==')
   ->status_is(200)
-  ->attr_is('form.token-revoke', 'action', '/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==/token/revoke')
+  ->attr_is('form.token-revoke', 'action', '/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token/revoke')
   ->attr_is('form.token-revoke input[name=token]', 'value', 'jhkhkjhk_hjgjsfz67i')
   ->attr_is('form.token-revoke input[name=name]', 'value', 'MyApp2')
   ->tx->res->dom->at('input[name="csrf_token"]')
   ->attr('value')
   ;
 
-$t->post_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==/token/revoke' => form => {
+$t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token/revoke' => form => {
   csrf_token => $csrf,
   name => 'MyApp2',
   token => 'jhkhkjhk_hjgjsfz67i'
 })
   ->status_is(200)
-  ->attr_is('form#revoke-token','action','/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE')
+  ->attr_is('form#revoke-token','action','/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE')
   ->attr_is('form#revoke-token','method','POST')
   ->attr_is('form#revoke-token input[name=token]','value','jhkhkjhk_hjgjsfz67i')
 ;
 
 
 # CSRF missing
-$t->post_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE' => form => {
+$t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE' => form => {
   name => 'MyApp2',
   token => 'jhkhkjhk_hjgjsfz67i'
 })->status_is(302)
-  ->header_is('Location','/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==')
+  ->header_is('Location','/settings/oauth/fCBbQkA2NDA3MzM1Yw==')
   ;
 
-$t->get_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==')
+$t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==')
   ->element_exists_not('div.notify-success')
   ->text_is('div.notify-error', 'Bad CSRF token')
   ;
 
 # Token missing
-$t->post_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE' => form => {
+$t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE' => form => {
   name => 'MyApp2',
   csrf_token => $csrf,
 })->status_is(302)
-  ->header_is('Location','/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==')
+  ->header_is('Location','/settings/oauth/fCBbQkA2NDA3MzM1Yw==')
   ;
 
-$t->get_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==')
+$t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==')
   ->element_exists_not('div.notify-success')
   ->text_is('div.notify-error', 'Some fields are invalid')
   ;
 
-$t->post_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE' => form => {
+$t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE' => form => {
   name => 'MyApp2',
   csrf_token => $csrf,
   token => 'jhkhkjhk_hjgjsfz67i'
 })->status_is(302)
-  ->header_is('Location','/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==')
+  ->header_is('Location','/settings/oauth/fCBbQkA2NDA3MzM1Yw==')
   ;
 
 
-$t->get_ok('/settings/oauth/client/fCBbQkA2NDA3MzM1Yw==')
+$t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==')
   ->element_exists_not('div.notify-error')
   ->text_is('div.notify-success', 'Token was revoked successfully')
   ;
commit	041ca4d57b6e54305bbeb06b89c3481575b553e8	[log] [tgz]
author	Akron <nils@diewald-online.de>	Thu Jun 10 11:52:51 2021 +0200
committer	Akron <nils@diewald-online.de>	Fri Jun 11 12:29:17 2021 +0200
tree	9a09be89de2ac298474dfca1af1e886a4f6e9e14
parent	c1aaf933978d870fd9f06bd84ac70019c2ac5e9b [diff]