Code review comment for lp:~vds/usso/kind_of_login

Revision history for this message
Casey Marshall (cmars) wrote :

I updated my usso_test app to evaluate the contents of the token details, and it seems to work well with the following test.

Using, I signed into usso, authorizing the test application token, "test-usso-token". The resulting auth string was valid when checked against USSO, token details were thus:

    "token_name": "test-usso-token",
    "date_updated": "2013-10-31T19:28:50.268",
    "token_key": "[redacted]",
    "href": "/api/v2/tokens/oauth/[redacted, same as token_key's value]",
    "date_created": "2013-10-31T19:28:50.268",
    "consumer_key": "[redacted]"

Then I went to the Applications tab on and test-usso-token was listed as an authorized application. I deleted the authorization there, and a subsequent USSO query with the auth string came back with token details:

{"message": "Provided email/password is not correct.", "code": "INVALID_CREDENTIALS", "extra": {}}

This looks very good to me!

review: Approve

« Back to merge proposal