[Jifty-commit] r5696 - in plugins/Jifty-Plugin-OAuth/trunk: . lib/Jifty/Plugin/OAuth
Jifty commits
jifty-commit at lists.jifty.org
Tue Aug 12 04:21:44 EDT 2008
Author: sartak
Date: Tue Aug 12 04:21:41 2008
New Revision: 5696
Modified:
plugins/Jifty-Plugin-OAuth/trunk/ (props changed)
plugins/Jifty-Plugin-OAuth/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
plugins/Jifty-Plugin-OAuth/trunk/t/t/01-basic.t
plugins/Jifty-Plugin-OAuth/trunk/t/t/03-authorize.t
Log:
r69266 at onn: sartak | 2008-08-12 04:21:27 -0400
If an unauthenticated user goes to /oauth/authorize, throw a 401 instead of.. well who knows what :)
Modified: plugins/Jifty-Plugin-OAuth/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
==============================================================================
--- plugins/Jifty-Plugin-OAuth/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm (original)
+++ plugins/Jifty-Plugin-OAuth/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm Tue Aug 12 04:21:41 2008
@@ -103,6 +103,7 @@
sub authorize {
my @params = qw/token callback/;
abortmsg(403, "Cannot authorize tokens as an OAuthed user") if Jifty->web->current_user->is_oauthed;
+ abortmsg(401, "Must be authenticated to authorize tokens") if !Jifty->web->current_user->id;
set no_abort => 1;
my %oauth_params = get_parameters(@params);
Modified: plugins/Jifty-Plugin-OAuth/trunk/t/t/01-basic.t
==============================================================================
--- plugins/Jifty-Plugin-OAuth/trunk/t/t/01-basic.t (original)
+++ plugins/Jifty-Plugin-OAuth/trunk/t/t/01-basic.t Tue Aug 12 04:21:41 2008
@@ -19,6 +19,7 @@
$mech->content_like(qr{http://oauth\.net/}, "oauth page mentions OAuth homepage");
-$mech->get_ok($URL . '/oauth/authorize');
+my $response = $mech->get($URL . '/oauth/authorize');
+is($response->code, 401, "/oauth/authorize requires being logged in");
$mech->content_unlike(qr{If you trust this application}, "/oauth/authorize requires being logged in");
Modified: plugins/Jifty-Plugin-OAuth/trunk/t/t/03-authorize.t
==============================================================================
--- plugins/Jifty-Plugin-OAuth/trunk/t/t/03-authorize.t (original)
+++ plugins/Jifty-Plugin-OAuth/trunk/t/t/03-authorize.t Tue Aug 12 04:21:41 2008
@@ -31,7 +31,8 @@
# }}}
# try to navigate to protected pages while not logged in {{{
-$umech->get_ok($URL . '/oauth/authorize');
+my $response = $umech->get($URL . '/oauth/authorize');
+is($response->code, 401, "/oauth/authorize requires authentication");
$umech->content_unlike(qr/If you trust this application/);
$umech->get_ok('/oauth/authorized');
More information about the Jifty-commit
mailing list