diff --git a/src/routes/test/oauth2-test.js b/src/routes/test/oauth2-test.js index 8ef694644..d4939068c 100644 --- a/src/routes/test/oauth2-test.js +++ b/src/routes/test/oauth2-test.js @@ -568,6 +568,39 @@ describe('OAuth2', function () { }); }); }); + + it('subsqeuent logins go through directly due to session', function (done) { + startAuthorizationFlow(function (jar) { + var url = SERVER_URL + '/api/v1/session/login?returnTo=' + CLIENT_2.redirectURI; + var data = { + username: USER_0.username, + password: USER_0.password + }; + + request.post({ url: url, jar: jar, form: data }, function (error, response, body) { + expect(error).to.not.be.ok(); + expect(response.statusCode).to.eql(302); + + var tmp = urlParse(response.headers.location, true); + expect(tmp.query.redirect_uri).to.eql(CLIENT_2.redirectURI); + expect(tmp.query.client_id).to.eql(CLIENT_2.id); + expect(tmp.query.response_type).to.eql('code'); + + var url = SERVER_URL + '/api/v1/oauth/dialog/authorize?redirect_uri=' + CLIENT_2.redirectURI + '&client_id=' + CLIENT_2.id + '&response_type=code'; + + request.get(url, { jar: jar, followRedirect: false }, function (error, response, body) { + expect(error).to.not.be.ok(); + expect(response.statusCode).to.eql(302); + + var tmp = urlParse(response.headers.location, true); + expect(tmp.query.redirectURI).to.eql(CLIENT_2.redirectURI + '/'); + expect(tmp.query.code).to.be.a('string'); + + done(); + }); + }); + }); + }); }); }); });