Verifies that client credential grants receive approved scope in response.

Closes #242

1 files changed, 28 insertions, 0 deletions

diff --git a/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs b/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs
index 27b0050..22c4545 100644
--- a/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs
+++ b/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs
@@ -102,6 +102,34 @@ namespace DotNetOpenAuth.Test.OAuth2 {
 		}
 
 		[Test]
+		public void GetClientAccessTokenReturnsApprovedScope() {
+			string[] ApprovedScopes = new[] { "Scope2", "Scope3" };
+			var authServer = CreateAuthorizationServerMock();
+			authServer.Setup(
+				a => a.IsAuthorizationValid(It.Is<IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
+					  .Returns(true);
+			authServer.Setup(
+				a => a.CheckAuthorizeClientCredentialsGrant(It.Is<IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
+					  .Returns<IAccessTokenRequest>(req => {
+						  var response = new AutomatedAuthorizationCheckResponse(req, true);
+						  response.ApprovedScope.ResetContents(ApprovedScopes);
+						  return response;
+					  });
+			var coordinator = new OAuth2Coordinator<WebServerClient>(
+				AuthorizationServerDescription,
+				authServer.Object,
+				new WebServerClient(AuthorizationServerDescription),
+				client => {
+					var authState = client.GetClientAccessToken(TestScopes);
+					Assert.That(authState.Scope, Is.EquivalentTo(ApprovedScopes));
+				},
+				server => {
+					server.HandleTokenRequest().Respond();
+				});
+			coordinator.Run();
+		}
+
+		[Test]
 		public void CreateAuthorizingHandlerBearer() {
 			var client = new WebServerClient(AuthorizationServerDescription);
 			string bearerToken = "mytoken";