test: 別のスコープを要求するトークンのテストを追加

2023-12-01 23:53:22 +09:00 · 2023-12-01 23:53:22 +09:00 · 5ff06b88f7
parent 58dbcb810e
commit 5ff06b88f7
3 changed files with 57 additions and 1 deletions
--- a/src/e2eTest/kotlin/oauth2/OAuth2LoginTest.kt
+++ b/src/e2eTest/kotlin/oauth2/OAuth2LoginTest.kt
@ -38,6 +38,17 @@ class OAuth2LoginTest {
        )
    }

+    @Karate.Test
+    @TestFactory
+    fun `スコープread_statuses write_statusesを持ったトークンの作成`(): Karate {
+        return KarateUtil.springBootKarateTest(
+            "Oauth2LoginTest",
+            "スコープread:statuses write:statusesを持ったトークンの作成",
+            javaClass,
+            port
+        )
+    }
+
    companion object {
        @JvmStatic
        @AfterAll
--- a/src/e2eTest/resources/logback.xml
+++ b/src/e2eTest/resources/logback.xml
@ -16,6 +16,6 @@
        <appender-ref ref="FILE"/>
    </root>
    <logger name="org.springframework.security" level="TRACE"/>
-    <logger name="c.i.k.driver.chrome_" level="DEBUG"/>
+    <logger name="com.intuit.karate.driver" level="INFO"/>
    <logger name="org.thymeleaf.TemplateEngine.CONFIG" level="INFO"/>
 </configuration>
--- a/src/e2eTest/resources/oauth2/Oauth2LoginTest.feature
+++ b/src/e2eTest/resources/oauth2/Oauth2LoginTest.feature
@ -48,3 +48,48 @@ Feature: OAuth2 Login Test
    And form field scope = 'write read'
    When method post
    Then status 200
+
+  Scenario: スコープread:statuses write:statusesを持ったトークンの作成
+
+    * def apps =
+    """
+    {
+    "client_name": "oauth2-test-client-2",
+    "redirect_uris": "https://usbharu.dev",
+    "scopes": "read:statuses write:statuses"
+    }
+    """
+
+    Given path '/api/v1/apps'
+    And request apps
+    When method post
+    Then status 200
+
+    * def client_id = response.client_id
+    * def client_secret = response.client_secret
+
+    * def authorizeEndpoint = baseUrl + '/oauth/authorize?response_type=code&redirect_uri=https://usbharu.dev&client_id=' + client_id + '&scope=read:statuses+write:statuses'
+
+    Given driver authorizeEndpoint
+    And driver.input('#username','test-user')
+    And driver.input('#password','password')
+
+    When driver.submit().click('body > div > form > button')
+    Then driver.waitForUrl(authorizeEndpoint + "&continue")
+    And driver.click('/html/body/div/div[4]/div/form/div[1]/input')
+    And driver.click('/html/body/div/div[4]/div/form/div[2]/input')
+
+    When driver.submit().click('#submit-consent')
+    Then driver.waitUntil("location.host == 'usbharu.dev'")
+
+    * def code = script("new URLSearchParams(document.location.search).get('code')")
+
+    Given path '/oauth/token'
+    And form field client_id = client_id
+    And form field client_secret = client_secret
+    And form field redirect_uri = 'https://usbharu.dev'
+    And form field grant_type = 'authorization_code'
+    And form field code = code
+    And form field scope = 'write read'
+    When method post
+    Then status 200