@@ -229,42 +229,73 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
229229 end
230230
231231 describe 'password reset link success' do
232- before do
233- get :edit ,
234- params : { reset_password_token : @mail_reset_token ,
235- redirect_url : @mail_redirect_url }
232+ describe 'with require_client_password_reset_token is enabled' do
233+ before do
234+ DeviseTokenAuth . require_client_password_reset_token = true
235+ get :edit ,
236+ params : { reset_password_token : @mail_reset_token ,
237+ redirect_url : @mail_redirect_url }
236238
237- @resource . reload
239+ @resource . reload
238240
239- raw_qs = response . location . split ( '?' ) [ 1 ]
240- @qs = Rack ::Utils . parse_nested_query ( raw_qs )
241+ raw_qs = response . location . split ( '?' ) [ 1 ]
242+ @qs = Rack ::Utils . parse_nested_query ( raw_qs )
241243
242- @access_token = @qs [ 'access-token' ]
243- @client_id = @qs [ 'client_id' ]
244- @client = @qs [ 'client' ]
245- @expiry = @qs [ 'expiry' ]
246- @reset_password = @qs [ 'reset_password' ]
247- @token = @qs [ 'token' ]
248- @uid = @qs [ 'uid' ]
249- end
244+ @reset_password_token = @qs [ 'reset_password_token' ]
245+ end
250246
251- test 'response should have success redirect status' do
252- assert_equal 302 , response . status
253- end
247+ test 'response should have success redirect status' do
248+ assert_equal 302 , response . status
249+ end
254250
255- test 'response should contain auth params' do
256- assert @access_token
257- assert @client
258- assert @client_id
259- assert @expiry
260- assert @reset_password
261- assert @token
262- assert @uid
251+ test 'response should contain reset_password_token param' do
252+ assert_equal @mail_reset_token , @qs [ 'reset_password_token' ]
253+ end
263254 end
264255
265- test 'response auth params should be valid' do
266- assert @resource . valid_token? ( @token , @client_id )
267- assert @resource . valid_token? ( @access_token , @client )
256+ describe 'require_client_password_reset_token is disabled' do
257+ before do
258+ DeviseTokenAuth . require_client_password_reset_token = false
259+ get :edit ,
260+ params : { reset_password_token : @mail_reset_token ,
261+ redirect_url : @mail_redirect_url }
262+
263+ @resource . reload
264+
265+ raw_qs = response . location . split ( '?' ) [ 1 ]
266+ @qs = Rack ::Utils . parse_nested_query ( raw_qs )
267+
268+ @access_token = @qs [ 'access-token' ]
269+ @client_id = @qs [ 'client_id' ]
270+ @client = @qs [ 'client' ]
271+ @expiry = @qs [ 'expiry' ]
272+ @reset_password = @qs [ 'reset_password' ]
273+ @token = @qs [ 'token' ]
274+ @uid = @qs [ 'uid' ]
275+ end
276+
277+ test 'response should have success redirect status' do
278+ assert_equal 302 , response . status
279+ end
280+
281+ test 'response should contain auth params' do
282+ assert @access_token
283+ assert @client
284+ assert @client_id
285+ assert @expiry
286+ assert @reset_password
287+ assert @token
288+ assert @uid
289+ end
290+
291+ test 'response auth params should be valid' do
292+ assert @resource . valid_token? ( @token , @client_id )
293+ assert @resource . valid_token? ( @access_token , @client )
294+ end
295+
296+ test 'response should contain reset_password_token param' do
297+ assert_equal @mail_reset_token , @qs [ 'reset_password_token' ]
298+ end
268299 end
269300 end
270301 end
0 commit comments