Skip to content

Commit

Permalink
oauth2 flow_refresh_test: Add unit tests for optional 'scope' param
Browse files Browse the repository at this point in the history
Updating our OAuth2 token refresh handler tests to completely ignore
the **Client Scopes** and **Originally Requested Scopes**. Instead,
the originally granted scopes should be the only scopes validated
against.

Also adding some tests to validate the optional 'scope' parameter,
as outlined in https://www.rfc-editor.org/rfc/rfc6749#section-6

Note that this implementation returns an ErrInvalidScope if the
'scope' form parameter is defined but empty.
  • Loading branch information
silverspace committed Aug 31, 2022
1 parent 0f25684 commit d9ecd46
Show file tree
Hide file tree
Showing 2 changed files with 310 additions and 18 deletions.
Loading

0 comments on commit d9ecd46

Please sign in to comment.