Add Content-Type and Cache headers to introspect/revocation errors

author: Jonathan Huot <jonathan.huot@thomsonreuters.com> 2018-12-13 10:43:12 +0100
committer: Jonathan Huot <jonathan.huot@thomsonreuters.com> 2018-12-13 10:43:12 +0100
commit: 61458583d83959a37e56c20eb09546aaa63b4829 (patch)
tree: bbd31c8613d2642bc9c3e4ded1323d43ffa3998f /tests/oauth2/rfc6749/endpoints
parent: a9ec83a40477e6b5b460b6f203607199f5f16779 (diff)
download: oauthlib-61458583d83959a37e56c20eb09546aaa63b4829.tar.gz
2 files changed, 33 insertions, 8 deletions
diff --git a/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py b/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py
index e41b83f..f92652b 100644
--- a/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py
+++ b/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py
@@ -86,7 +86,12 @@ class IntrospectEndpointTest(TestCase):
                           ('token_type_hint', 'access_token')])
         h, b, s = self.endpoint.create_introspect_response(self.uri,
                 headers=self.headers, body=body)
-        self.assertEqual(h, {"WWW-Authenticate": 'Bearer, error="invalid_client"'})
+        self.assertEqual(h, {
+            'Content-Type': 'application/json',
+            'Cache-Control': 'no-store',
+            'Pragma': 'no-cache',
+            "WWW-Authenticate": 'Bearer, error="invalid_client"'
+        })
         self.assertEqual(loads(b)['error'], 'invalid_client')
         self.assertEqual(s, 401)
 
@@ -109,7 +114,12 @@ class IntrospectEndpointTest(TestCase):
                           ('token_type_hint', 'access_token')])
         h, b, s = self.endpoint.create_introspect_response(self.uri,
                 headers=self.headers, body=body)
-        self.assertEqual(h, {"WWW-Authenticate": 'Bearer, error="invalid_client"'})
+        self.assertEqual(h, {
+            'Content-Type': 'application/json',
+            'Cache-Control': 'no-store',
+            'Pragma': 'no-cache',
+            "WWW-Authenticate": 'Bearer, error="invalid_client"'
+        })
         self.assertEqual(loads(b)['error'], 'invalid_client')
         self.assertEqual(s, 401)
 
@@ -121,12 +131,12 @@ class IntrospectEndpointTest(TestCase):
                           ('token_type_hint', 'refresh_token')])
         h, b, s = endpoint.create_introspect_response(self.uri,
                 headers=self.headers, body=body)
-        self.assertEqual(h, {})
+        self.assertEqual(h, self.resp_h)
         self.assertEqual(loads(b)['error'], 'unsupported_token_type')
         self.assertEqual(s, 400)
 
         h, b, s = endpoint.create_introspect_response(self.uri,
                 headers=self.headers, body='')
-        self.assertEqual(h, {})
+        self.assertEqual(h, self.resp_h)
         self.assertEqual(loads(b)['error'], 'invalid_request')
         self.assertEqual(s, 400)
diff --git a/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py b/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py
index a6a5cb2..2a24177 100644
--- a/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py
+++ b/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py
@@ -24,6 +24,11 @@ class RevocationEndpointTest(TestCase):
         self.headers = {
             'Content-Type': 'application/x-www-form-urlencoded',
         }
+        self.resp_h = {
+            'Cache-Control': 'no-store',
+            'Content-Type': 'application/json',
+            'Pragma': 'no-cache'
+        }
 
     def test_revoke_token(self):
         for token_type in ('access_token', 'refresh_token', 'invalid'):
@@ -49,7 +54,12 @@ class RevocationEndpointTest(TestCase):
                           ('token_type_hint', 'access_token')])
         h, b, s = self.endpoint.create_revocation_response(self.uri,
                 headers=self.headers, body=body)
-        self.assertEqual(h, {"WWW-Authenticate": 'Bearer, error="invalid_client"'})
+        self.assertEqual(h, {
+            'Content-Type': 'application/json',
+            'Cache-Control': 'no-store',
+            'Pragma': 'no-cache',
+            "WWW-Authenticate": 'Bearer, error="invalid_client"'
+        })
         self.assertEqual(loads(b)['error'], 'invalid_client')
         self.assertEqual(s, 401)
 
@@ -72,7 +82,12 @@ class RevocationEndpointTest(TestCase):
                           ('token_type_hint', 'access_token')])
         h, b, s = self.endpoint.create_revocation_response(self.uri,
                 headers=self.headers, body=body)
-        self.assertEqual(h, {"WWW-Authenticate": 'Bearer, error="invalid_client"'})
+        self.assertEqual(h, {
+            'Content-Type': 'application/json',
+            'Cache-Control': 'no-store',
+            'Pragma': 'no-cache',
+            "WWW-Authenticate": 'Bearer, error="invalid_client"'
+        })
         self.assertEqual(loads(b)['error'], 'invalid_client')
         self.assertEqual(s, 401)
 
@@ -96,12 +111,12 @@ class RevocationEndpointTest(TestCase):
                           ('token_type_hint', 'refresh_token')])
         h, b, s = endpoint.create_revocation_response(self.uri,
                 headers=self.headers, body=body)
-        self.assertEqual(h, {})
+        self.assertEqual(h, self.resp_h)
         self.assertEqual(loads(b)['error'], 'unsupported_token_type')
         self.assertEqual(s, 400)
 
         h, b, s = endpoint.create_revocation_response(self.uri,
                 headers=self.headers, body='')
-        self.assertEqual(h, {})
+        self.assertEqual(h, self.resp_h)
         self.assertEqual(loads(b)['error'], 'invalid_request')
         self.assertEqual(s, 400)
author	Jonathan Huot <jonathan.huot@thomsonreuters.com>	2018-12-13 10:43:12 +0100
committer	Jonathan Huot <jonathan.huot@thomsonreuters.com>	2018-12-13 10:43:12 +0100
commit	61458583d83959a37e56c20eb09546aaa63b4829 (patch)
tree	bbd31c8613d2642bc9c3e4ded1323d43ffa3998f /tests/oauth2/rfc6749/endpoints
parent	a9ec83a40477e6b5b460b6f203607199f5f16779 (diff)
download	oauthlib-61458583d83959a37e56c20eb09546aaa63b4829.tar.gz