@Test
public void useAuthorizationCodeWithInalidScopesTest()
throws InterruptedException, JSONException {
String currentUrl =
OauthAuthorizationPageHelper.loginAndAuthorize(
this.getWebBaseUrl(),
this.getClient1ClientId(),
this.getClient1RedirectUri(),
ScopePathType.ORCID_WORKS_CREATE.value(),
null,
this.getUser1UserName(),
this.getUser1Password(),
true,
webDriver);
Matcher matcher = AUTHORIZATION_CODE_PATTERN.matcher(currentUrl);
assertTrue(matcher.find());
String authorizationCode = matcher.group(1);
assertFalse(PojoUtil.isEmpty(authorizationCode));
ClientResponse tokenResponse =
getClientResponse(
this.getClient1ClientId(),
this.getClient1ClientSecret(),
ScopePathType.ORCID_WORKS_UPDATE.getContent(),
this.getClient1RedirectUri(),
authorizationCode);
assertEquals(401, tokenResponse.getStatus());
OrcidMessage result = tokenResponse.getEntity(OrcidMessage.class);
assertNotNull(result);
assertNotNull(result.getErrorDesc());
assertEquals(
"OAuth2 problem : Invalid scopes: /orcid-works/update available scopes for this code are: [/orcid-works/create]",
result.getErrorDesc().getContent());
}
