oauth2-server/tests/fuzz/grant-client-credentials.yml

url: 'http://localhost:8000/other_grants.php/access_token'
request:
    method: POST
    body:
        -
            key: client_id
            value: testclient
            missing:
                response.statusCode: 400
                headers.content-type: "application/json"
                body.error: invalid_request
                body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"client_id\" parameter."
            invalid:
                response.statusCode: 401
                headers.content-type: "application/json"
                body.error: invalid_client
                body.message: "Client authentication failed."
        -
            key: client_secret
            value: secret
            missing:
                response.statusCode: 400
                headers.content-type: "application/json"
                body.error: invalid_request
                body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"client_secret\" parameter."
            invalid:
                response.statusCode: 401
                headers.content-type: "application/json"
                body.error: invalid_client
                body.message: "Client authentication failed."
        -
            key: grant_type
            value: client_credentials
            missing:
                response.statusCode: 400
                headers.content-type: "application/json"
                body.error: invalid_request
                body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"grant_type\" parameter."
            invalid:
                response.statusCode: 400
                headers.content-type: "application/json"
                body.error: unsupported_grant_type
                #body.message: "The authorization grant type XXX is not supported by the authorization server."
        -
            key: scope
            value: "basic"
            invalid:
                response.statusCode: 400
                headers.content-type: "application/json"
                body.error: invalid_scope
                border.message: fooooooooo
response:
    statusCode: 200
    headers:
        -
            key: Content-type
            value: application/json
    body:
        -
            key: expires_in
            valueType: integer
        -
            key: access_token
            valueRegex: /([a-zA-Z0-9]*)/
        -
            key: token_type
            value: Bearer