From 02709334d4013073dffe5b6c2fd6ff7377b87ba9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Francisco=20Javier=20L=C3=B3pez?= <fjlopez@gitlab.com>
Date: Fri, 29 Jun 2018 09:40:41 +0000
Subject: Enabling Doorkeeper reuse_access_token option

---
 spec/requests/oauth_tokens_spec.rb | 55 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 spec/requests/oauth_tokens_spec.rb

(limited to 'spec/requests')

diff --git a/spec/requests/oauth_tokens_spec.rb b/spec/requests/oauth_tokens_spec.rb
new file mode 100644
index 00000000000..000c3a2b868
--- /dev/null
+++ b/spec/requests/oauth_tokens_spec.rb
@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+describe 'OAuth Tokens requests' do
+  let(:user) { create :user }
+  let(:application) { create :oauth_application, scopes: 'api' }
+
+  def request_access_token(user)
+    post '/oauth/token',
+      grant_type: 'authorization_code',
+      code: generate_access_grant(user).token,
+      redirect_uri: application.redirect_uri,
+      client_id: application.uid,
+      client_secret: application.secret
+  end
+
+  def generate_access_grant(user)
+    create :oauth_access_grant, application: application, resource_owner_id: user.id
+  end
+
+  context 'when there is already a token for the application' do
+    let!(:existing_token) { create :oauth_access_token, application: application, resource_owner_id: user.id }
+
+    context 'and the request is done by the resource owner' do
+      it 'reuses and returns the stored token' do
+        expect do
+          request_access_token(user)
+        end.not_to change { Doorkeeper::AccessToken.count }
+
+        expect(json_response['access_token']).to eq existing_token.token
+      end
+    end
+
+    context 'and the request is done by a different user' do
+      let(:other_user) { create :user }
+
+      it 'generates and returns a different token for a different owner' do
+        expect do
+          request_access_token(other_user)
+        end.to change { Doorkeeper::AccessToken.count }.by(1)
+
+        expect(json_response['access_token']).not_to be_nil
+      end
+    end
+  end
+
+  context 'when there is no token stored for the application' do
+    it 'generates and returns a new token' do
+      expect do
+        request_access_token(user)
+      end.to change { Doorkeeper::AccessToken.count }.by(1)
+
+      expect(json_response['access_token']).not_to be_nil
+    end
+  end
+end
-- 
cgit v1.2.1