Update end2end/test_oauth:test_refresh_access_token to use POST and…

… GET
libris · Nov 8, 2017 · a5b3431 · a5b3431
1 parent 1606b74
commit a5b3431
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 1 deletion.
diff --git a/tests/end2end/test_oauth.py b/tests/end2end/test_oauth.py
@@ -111,11 +111,13 @@ def test_refresh_access_token(token, testapp):
     """Get new access token using 'refresh_token'."""
     token.expires_at = datetime.utcnow() - timedelta(seconds=1)
     token.save()
+
+    # Using HTTP-GET
     res = testapp.get(url_for('oauth.create_access_token'),
                       params={'grant_type': 'refresh_token',
                               'refresh_token': token.refresh_token,
                               'client_id': token.client.client_id,
-                              'client_secret': token.client.client_secret}, expect_errors=True)
+                              'client_secret': token.client.client_secret})
 
     updated_token = Token.query.filter_by(user_id=token.user_id, client_id=token.client_id).first()
     assert updated_token.id == token.id
@@ -126,6 +128,19 @@ def test_refresh_access_token(token, testapp):
     assert res.json_body['refresh_token'] == updated_token.refresh_token
     assert res.json_body['app_version'] == __version__
 
+    # Using HTTP-POST
+    res = testapp.post(url_for('oauth.create_access_token'),
+                       params={'grant_type': 'refresh_token',
+                               'refresh_token': updated_token.refresh_token,
+                               'client_id': updated_token.client.client_id,
+                               'client_secret': updated_token.client.client_secret})
+
+    second_updated_token = Token.query.filter_by(user_id=token.user_id,
+                                                 client_id=token.client_id).first()
+    assert second_updated_token.id == updated_token.id
+    assert res.json_body['access_token'] == second_updated_token.access_token
+    assert res.json_body['refresh_token'] == second_updated_token.refresh_token
+
 
 def test_verify_success_response(token, testapp):
     """Get user details and token expiry."""

diff --git a/xl_auth/oauth/views.py b/xl_auth/oauth/views.py
@@ -49,6 +49,8 @@ def set_token(new_token, request_, **_):
     """Create Token object."""
     expires_at = datetime.utcnow() + timedelta(seconds=new_token.get('expires_in'))
     request_params = dict((key, value) for key, value in request_.uri_query_params)
+    if request_.body:
+        request_params.update(request_.body)
 
     if 'grant_type' in request_params and request_params['grant_type'] == 'refresh_token':
         token = Token.query.filter_by(client_id=request_.client.client_id,