Diffstat (limited to 'yarns/300-end-user-auth.yarn')
-rw-r--r-- | yarns/300-end-user-auth.yarn | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/yarns/300-end-user-auth.yarn b/yarns/300-end-user-auth.yarn index 98295fb..e6b6e66 100644 --- a/yarns/300-end-user-auth.yarn +++ b/yarns/300-end-user-auth.yarn @@ -86,6 +86,7 @@ registerd, before the login process starts. GIVEN a Qvisqve configuration for "https://qvisqve" AND Qvisqve configuration has user account tomjon with password hunter2 + AND Qvisqve configuration allows user tomjon scopes foo bar AND Qvisqve configuration has application facade ... with callback url https://facade/callback ... and secret happydays @@ -115,7 +116,7 @@ unique, hard-to-guess value every time the user authenication starts anew. Note that this should probably be different from the `state` value from the facade (FIXME: why?). - WHEN browser requests GET /auth?response_type=code&scope=openid+read&client_id=facade&state=RANDOM&redirect_uri=https://facade/callback + WHEN browser requests GET /auth?response_type=code&scope=openid+foo+yo&client_id=facade&state=RANDOM&redirect_uri=https://facade/callback THEN HTTP status code is 200 OK AND Content-Type is text/html AND body has an HTML form with field username @@ -179,7 +180,7 @@ this. Needs research and thinking. AND JSON body has field token_type, with value Bearer AND JSON body has field expires_in - AND access token has a scope field set to read + AND access token has a scope field set to foo AND access token has a sub field set to tomjon The authorization code can't be re-used. |
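Review bot: In the first hunk (@@ -86,6 +86,7), the new step `AND Qvisqve configuration allows user tomjon scopes foo bar` has no accompanying prose saying what the allowed list means. The later steps only make sense if it is a per-user upper bound on what a token may carry, so please state that in the text above the GIVEN block. It would also help to say that `bar` is there on purpose, as a scope that is allowed but never requested.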
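Review bot: In the second hunk (@@ -115,7 +116,7), the changed WHEN step requests `scope=openid+foo+yo`, but only `foo` is in the allowed list added for tomjon, and the text does not say that `yo` is deliberately a scope the user is not allowed. A reader cannot tell a typo from a negative test case here. Please add a sentence before the step explaining that the request mixes allowed and not-allowed scopes, and what is expected to happen to `openid`.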
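Review bot: In the third hunk (@@ -179,7 +180,7), `AND access token has a scope field set to foo` is the only check that `yo` and `openid` were dropped, and it depends on the step implementation comparing the whole field rather than testing for membership. Please confirm the step does an exact match, or add explicit negative assertions for `yo` and `bar`. The visible steps cover only a partial overlap between requested and allowed scopes, so a scenario where none of the requested scopes is allowed would be worth adding, to pin down whether a token is still issued in that case.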