Merge remote-tracking branch 'parent/main' into upstream-20240507

2024-05-07 08:05:04 +09:00 · 2024-05-07 08:05:04 +09:00 · 89b71363ae
commit 89b71363ae
parent bab1a792a7 6167894547
70 changed files with 1739 additions and 445 deletions
--- a/spec/requests/api/v1/accounts_spec.rb
+++ b/spec/requests/api/v1/accounts_spec.rb
@ -8,6 +8,22 @@ describe '/api/v1/accounts' do
  let(:token)   { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
  let(:headers) { { 'Authorization' => "Bearer #{token.token}" } }

+  describe 'GET /api/v1/accounts?ids[]=:id' do
+    let(:account) { Fabricate(:account) }
+    let(:other_account) { Fabricate(:account) }
+    let(:scopes) { 'read:accounts' }
+
+    it 'returns expected response' do
+      get '/api/v1/accounts', headers: headers, params: { ids: [account.id, other_account.id, 123_123] }
+
+      expect(response).to have_http_status(200)
+      expect(body_as_json).to contain_exactly(
+        hash_including(id: account.id.to_s),
+        hash_including(id: other_account.id.to_s)
+      )
+    end
+  end
+
  describe 'GET /api/v1/accounts/:id' do
    context 'when logged out' do
      let(:account) { Fabricate(:account) }
--- a/spec/requests/api/v1/statuses_spec.rb
+++ b/spec/requests/api/v1/statuses_spec.rb
@ -9,6 +9,22 @@ describe '/api/v1/statuses' do
    let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, application: client_app, scopes: scopes) }
    let(:headers) { { 'Authorization' => "Bearer #{token.token}" } }

+    describe 'GET /api/v1/statuses?ids[]=:id' do
+      let(:status) { Fabricate(:status) }
+      let(:other_status) { Fabricate(:status) }
+      let(:scopes) { 'read:statuses' }
+
+      it 'returns expected response' do
+        get '/api/v1/statuses', headers: headers, params: { ids: [status.id, other_status.id, 123_123] }
+
+        expect(response).to have_http_status(200)
+        expect(body_as_json).to contain_exactly(
+          hash_including(id: status.id.to_s),
+          hash_including(id: other_status.id.to_s)
+        )
+      end
+    end
+
    describe 'GET /api/v1/statuses/:id' do
      subject do
        get "/api/v1/statuses/#{status.id}", headers: headers
--- a/spec/requests/well_known/oauth_metadata_spec.rb
+++ b/spec/requests/well_known/oauth_metadata_spec.rb
@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe 'The /.well-known/oauth-authorization-server request' do
+  let(:protocol) { ENV.fetch('LOCAL_HTTPS', true) ? :https : :http }
+
+  before do
+    host! ENV.fetch('LOCAL_DOMAIN')
+  end
+
+  it 'returns http success with valid JSON response' do
+    get '/.well-known/oauth-authorization-server'
+
+    expect(response)
+      .to have_http_status(200)
+      .and have_attributes(
+        media_type: 'application/json'
+      )
+
+    grant_types_supported = Doorkeeper.configuration.grant_flows.dup
+    grant_types_supported << 'refresh_token' if Doorkeeper.configuration.refresh_token_enabled?
+
+    expect(body_as_json).to include(
+      issuer: root_url(protocol: protocol),
+      service_documentation: 'https://docs.joinmastodon.org/',
+      authorization_endpoint: oauth_authorization_url(protocol: protocol),
+      token_endpoint: oauth_token_url(protocol: protocol),
+      revocation_endpoint: oauth_revoke_url(protocol: protocol),
+      scopes_supported: Doorkeeper.configuration.scopes.map(&:to_s),
+      response_types_supported: Doorkeeper.configuration.authorization_response_types,
+      grant_types_supported: grant_types_supported,
+      # non-standard extension:
+      app_registration_endpoint: api_v1_apps_url(protocol: protocol)
+    )
+  end
+end