DRY up auth spec

Combined 2 similar tests Fixes PLAT-1210 Test Plan: `rspec spec/apis/auth_spec.rb --example "API Authentication oauth2 web app flow"` Change-Id: I549e0398961a7212fb3c42476125146581796c64 Reviewed-on: https://gerrit.instructure.com/61444 Reviewed-by: Brad Humphrey <brad@instructure.com> Product-Review: August Thornton <august@instructure.com> QA-Review: August Thornton <august@instructure.com> Tested-by: Jenkins
2015-08-20 12:24:30 -06:00 · 2015-08-20 12:24:30 -06:00 · d1d0fff027
parent 008cd38c32
commit d1d0fff027
1 changed files with 5 additions and 20 deletions
--- a/spec/apis/auth_spec.rb
+++ b/spec/apis/auth_spec.rb
@ -448,6 +448,11 @@ describe "API Authentication", type: :request do

              get "/login/oauth2/auth", :response_type => 'code', :client_id => developer_key.id, :redirect_uri => "http://www.example.com/my_uri"
              assert_status(401)
+
+              @user.access_tokens.create!(developer_key: developer_key)
+
+              get "/login/oauth2/auth", :response_type => 'code', :client_id => developer_key.id, :redirect_uri => "http://www.example.com/my_uri"
+              assert_status(401)
            end
          end
        end
@ -499,27 +504,7 @@ describe "API Authentication", type: :request do
          json = trusted_exchange(true)
          expect(json['access_token']).to be_nil
        end
-
-        it "Shouldn't allow an account level dev key to auth with other account's user" do
-          enable_forgery_protection do
-            enable_cache do
-
-              user_with_pseudonym(:active_user => true, :username => 'test1@example.com', :password => 'test123')
-              course_with_teacher(:user => @user)
-
-              # create the dev key on a different account
-              account2 = Account.create!
-              developer_key = DeveloperKey.create!(account: account2, redirect_uri: "http://www.example.com/my_uri")
-
-              @user.access_tokens.create!(developer_key: developer_key)
-
-              get "/login/oauth2/auth", :response_type => 'code', :client_id => developer_key.id, :redirect_uri => "http://www.example.com/my_uri"
-              assert_status(401)
-            end
-          end
-        end
      end
-
    end
  end