diff --git a/tests/api/ClientCredentialsCept.php b/tests/api/ClientCredentialsCept.php index f1a3ad20..f0eff536 100644 --- a/tests/api/ClientCredentialsCept.php +++ b/tests/api/ClientCredentialsCept.php @@ -2,7 +2,7 @@ $I = new ApiTester($scenario); $I->wantTo('get an access token using the client credentials grant'); $I->sendPOST( - 'access_token', + 'client_credentials.php/access_token', [ 'grant_type' => 'client_credentials', 'client_id' => 'myawesomeapp', diff --git a/tests/api/ClientCredentialsInvalidClientIdCept.php b/tests/api/ClientCredentialsInvalidClientIdCept.php new file mode 100644 index 00000000..97f9fce4 --- /dev/null +++ b/tests/api/ClientCredentialsInvalidClientIdCept.php @@ -0,0 +1,17 @@ +wantTo('get an access token using the client credentials grant, invalid client id'); +$I->sendPOST( + 'client_credentials.php/access_token', + [ + 'grant_type' => 'client_credentials', + 'client_id' => 'myawesomeapp-wrong', + 'client_secret' => 'foobar' + ] +); +$I->canSeeResponseCodeIs(401); +$I->canSeeResponseIsJson(); +$I->seeResponseContainsJson([ + 'error' => 'invalid_client', + 'message' => 'Client authentication failed.' +]); diff --git a/tests/api/ClientCredentialsInvalidClientSecretCept.php b/tests/api/ClientCredentialsInvalidClientSecretCept.php new file mode 100644 index 00000000..fe4f88fc --- /dev/null +++ b/tests/api/ClientCredentialsInvalidClientSecretCept.php @@ -0,0 +1,17 @@ +wantTo('get an access token using the client credentials grant, invalid client secret'); +$I->sendPOST( + 'client_credentials.php/access_token', + [ + 'grant_type' => 'client_credentials', + 'client_id' => 'myawesomeapp', + 'client_secret' => 'foobar' + ] +); +$I->canSeeResponseCodeIs(401); +$I->canSeeResponseIsJson(); +$I->seeResponseContainsJson([ + 'error' => 'invalid_client', + 'message' => 'Client authentication failed.' +]); diff --git a/tests/api/ClientCredentialsMissingClientIdCept.php b/tests/api/ClientCredentialsMissingClientIdCept.php new file mode 100644 index 00000000..68135cdb --- /dev/null +++ b/tests/api/ClientCredentialsMissingClientIdCept.php @@ -0,0 +1,15 @@ +wantTo('get an access token using the client credentials grant, missing client id'); +$I->sendPOST( + 'client_credentials.php/access_token', + [ + 'grant_type' => 'client_credentials' + ] +); +$I->canSeeResponseCodeIs(400); +$I->canSeeResponseIsJson(); +$I->seeResponseContainsJson([ + 'error' => 'invalid_request', + 'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "client_id" parameter.' +]); diff --git a/tests/api/ClientCredentialsMissingClientSecretCept.php b/tests/api/ClientCredentialsMissingClientSecretCept.php new file mode 100644 index 00000000..369e22d6 --- /dev/null +++ b/tests/api/ClientCredentialsMissingClientSecretCept.php @@ -0,0 +1,16 @@ +wantTo('get an access token using the client credentials grant, missing client secret'); +$I->sendPOST( + 'client_credentials.php/access_token', + [ + 'grant_type' => 'client_credentials', + 'client_id' => 'myawesomeapp' + ] +); +$I->canSeeResponseCodeIs(400); +$I->canSeeResponseIsJson(); +$I->seeResponseContainsJson([ + 'error' => 'invalid_request', + 'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "client_secret" parameter.' +]);