From f1b8fee4f1e0ea2503d4e0453bdc3049edaa2598 Mon Sep 17 00:00:00 2001
From: Fernando Rocha
Date: Wed, 27 Mar 2013 14:05:46 -0300
Subject: client credentials should be optional (fix #759)

client credentials should only be required on token
request

Signed-off-by: Fernando Rocha <fernandogrd@gmail.com>
---
 rest_framework/tests/authentication.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'rest_framework/tests')

diff --git a/rest_framework/tests/authentication.py b/rest_framework/tests/authentication.py
index b663ca48..375b19bd 100644
--- a/rest_framework/tests/authentication.py
+++ b/rest_framework/tests/authentication.py
@@ -516,6 +516,18 @@ class OAuth2Tests(TestCase):
         response = self.csrf_client.get('/oauth2-test/', params, HTTP_AUTHORIZATION=auth)
         self.assertEqual(response.status_code, 200)
 
+    @unittest.skipUnless(oauth2_provider, 'django-oauth2-provider not installed')
+    def test_get_form_passing_auth_without_client_params(self):
+        """
+        Ensure GETing form over OAuth without client credentials
+
+        Regression test for issue #759:
+        https://github.com/tomchristie/django-rest-framework/issues/759
+        """
+        auth = self._create_authorization_header()
+        response = self.csrf_client.get('/oauth2-test/', HTTP_AUTHORIZATION=auth)
+        self.assertEqual(response.status_code, 200)
+
     @unittest.skipUnless(oauth2_provider, 'django-oauth2-provider not installed')
     def test_post_form_passing_auth(self):
         """Ensure POSTing form over OAuth with correct credentials passes and does not require CSRF"""
-- 
cgit v1.2.3