Fix #5104 - GET /api/v1/apps/verify_credentials to confirm app works (#5112)

signup-info-prompt
Eugen Rochko 2017-09-30 22:05:42 +02:00 committed by GitHub
parent 1e1d788757
commit eb605141ff
4 changed files with 60 additions and 3 deletions

View File

@ -0,0 +1,11 @@
# frozen_string_literal: true
class Api::V1::Apps::CredentialsController < Api::BaseController
before_action -> { doorkeeper_authorize! :read }
respond_to :json
def show
render json: doorkeeper_token.application, serializer: REST::StatusSerializer::ApplicationSerializer
end
end

View File

@ -1,8 +1,6 @@
# frozen_string_literal: true
class Api::V1::AppsController < Api::BaseController
respond_to :json
def create
@app = Doorkeeper::Application.create!(application_options)
render json: @app, serializer: REST::ApplicationSerializer

View File

@ -194,12 +194,17 @@ Rails.application.routes.draw do
resources :follows, only: [:create]
resources :media, only: [:create, :update]
resources :apps, only: [:create]
resources :blocks, only: [:index]
resources :mutes, only: [:index]
resources :favourites, only: [:index]
resources :reports, only: [:index, :create]
namespace :apps do
get :verify_credentials, to: 'credentials#show'
end
resources :apps, only: [:create]
resource :instance, only: [:show]
resource :domain_blocks, only: [:show, :create, :destroy]

View File

@ -0,0 +1,43 @@
require 'rails_helper'
describe Api::V1::Apps::CredentialsController do
render_views
let(:token) { Fabricate(:accessible_access_token, scopes: 'read', application: Fabricate(:application)) }
context 'with an oauth token' do
before do
allow(controller).to receive(:doorkeeper_token) { token }
end
describe 'GET #show' do
before do
get :show
end
it 'returns http success' do
expect(response).to have_http_status(:success)
end
it 'does not contain client credentials' do
json = body_as_json
expect(json).to_not have_key(:client_secret)
expect(json).to_not have_key(:client_id)
end
end
end
context 'without an oauth token' do
before do
allow(controller).to receive(:doorkeeper_token) { nil }
end
describe 'GET #show' do
it 'returns http unauthorized' do
get :show
expect(response).to have_http_status(:unauthorized)
end
end
end
end