stable
Clone or download
Test scenario: 1. In the project admin create an OAuth2 app (note the ID and the given secret) 2. Access the authorize page at the URL https://tuleap.example.com/oauth2/authorize?client_id=<client_d>&scope=demo&response_type=code&redirect_uri=<redirect_uri> 3. Quickly retrieve (it is valid only 1 minute) the authorization code from the URL 4. Exchange the authorization code for an access token: shell> curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \ --user '<client_id>:<client_secret>' \ --data 'grant_type=authorization_code&redirect_uri=<redirect_uri>&code=<authorization_code>' \ https://tuleap.example.com/oauth2/token 5. Use this access token to query the demo resource 6. Suspend the project 7. Try to use the access token again, it does not work This is part of story #14542: have OAuth2 flow Change-Id: I02941061d7bbc8c108e703569b4ce559e3596973
Modified Files
Name | ||||
---|---|---|---|---|
M | plugins/oauth2_server/include/AccessToken/OAuth2AccessTokenDAO.php | +3 | −1 | Go to diff View file |
A | plugins/oauth2_server/tests/integration/AccessToken/OAuth2AccessTokenDAOTest.php | +146 | −0 | Go to diff View file |