oauth2-server/tests/fuzz/grant-password.yml
2014-08-04 18:54:01 +01:00

88 lines
3.8 KiB
YAML

url: 'http://localhost:8000/other_grants.php/access_token'
request:
method: POST
body:
-
key: client_id
value: testclient
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"client_id\" parameter."
invalid:
response.statusCode: 401
headers.content-type: "application/json"
body.error: invalid_client
body.message: "Client authentication failed."
-
key: client_secret
value: secret
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"client_secret\" parameter."
invalid:
response.statusCode: 401
headers.content-type: "application/json"
body.error: invalid_client
body.message: "Client authentication failed."
-
key: username
value: alexbilbie
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"username\" parameter."
invalid:
response.statusCode: 401
headers.content-type: "application/json"
body.error: invalid_credentials
body.message: "The user credentials were incorrect."
-
key: password
value: whisky
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"password\" parameter."
invalid:
response.statusCode: 401
headers.content-type: "application/json"
body.error: invalid_credentials
body.message: "The user credentials were incorrect."
-
key: grant_type
value: password
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"grant_type\" parameter."
invalid:
response.statusCode: 400
headers.content-type: "application/json"
body.error: unsupported_grant_type
#body.message: "The authorization grant type XXX is not supported by the authorization server."
response:
statusCode: 200
headers:
-
key: Content-type
value: application/json
body:
-
key: expires_in
valueType: integer
-
key: access_token
valueRegex: /([a-zA-Z0-9]*)/
-
key: refresh_token
valueRegex: /([a-zA-Z0-9]*)/
-
key: token_type
value: Bearer