From b628527daf15af61e8236a0633087756cbae9acc Mon Sep 17 00:00:00 2001
From: Nicolas Le Goff <legoff.n@gmail.com>
Date: Tue, 11 Dec 2012 19:56:56 +0100
Subject: [PATCH 1/2] Add missing HttpException namespace

---
 lib/Alchemy/Phrasea/Application/OAuth2.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/Alchemy/Phrasea/Application/OAuth2.php b/lib/Alchemy/Phrasea/Application/OAuth2.php
index 9b15ad182a..030f375769 100644
--- a/lib/Alchemy/Phrasea/Application/OAuth2.php
+++ b/lib/Alchemy/Phrasea/Application/OAuth2.php
@@ -13,6 +13,7 @@ namespace Alchemy\Phrasea\Application;
 
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
+use Symfony\Component\HttpKernel\Exception\HttpException;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\HttpFoundation\Request;
 use Silex\Provider\ValidatorServiceProvider;

From ef9631b8d6c9662d5588b3b2bd95a8491880efda Mon Sep 17 00:00:00 2001
From: Nicolas Le Goff <legoff.n@gmail.com>
Date: Tue, 11 Dec 2012 19:57:06 +0100
Subject: [PATCH 2/2] Add Test to check the status code of the response when
 API token endpoint is not used with SSL

---
 tests/Alchemy/Phrasea/Application/OAuth2Test.php | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/tests/Alchemy/Phrasea/Application/OAuth2Test.php b/tests/Alchemy/Phrasea/Application/OAuth2Test.php
index 3c3a60a6e8..deca5ffe11 100644
--- a/tests/Alchemy/Phrasea/Application/OAuth2Test.php
+++ b/tests/Alchemy/Phrasea/Application/OAuth2Test.php
@@ -148,4 +148,15 @@ class oauthv2_application_test extends \PhraseanetWebTestCaseAuthenticatedAbstra
         $this->assertRegExp("/" . $this->queryParameters["scope"] . "/", $this->client->getResponse()->getContent());
         $this->assertRegExp("/" . $this->queryParameters["state"] . "/", $this->client->getResponse()->getContent());
     }
+    
+    public function testGetTokenNotHTTPS()
+    {
+        $acc = self::getAccount();
+
+        $this->setQueryParameters('grant_type', 'authorization_code');
+        $this->setQueryParameters('code', '12345678918');
+        $this->client->request('POST', '/token', $this->queryParameters);
+        
+        $this->assertEquals(400, $this->client->getResponse()->getStatusCode());
+    }
 }