func Test_TokenGrant_validateForm_MissingClientID(t *testing.T) {
	u := new(TestUnit)
	defer u.Teardown()
	u.Setup()

	// Setup server
	controller := new(TokenGrant)
	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		context := createRequestContext(r, w)
		defer recovery(context, true)

		controller.HandleForm(context, nil)
	}))
	defer ts.Close()

	response, _ := http.Post(ts.URL, "application/x-www-form-urlencoded", strings.NewReader(fmt.Sprintf("grant_type=%s", AuthorizationCodeGrant)))
	status := util.ParseStatus(response)
	if status == nil {
		t.Error(test.ExpectedNotNil)
	} else {
		if status.Code != 400 {
			t.Errorf(test.ExpectedNumberButFoundNumber, 400, status.Code)
		}
		if status.Description != fmt.Sprintf(InvalidParameter, "client_id") {
			t.Errorf(test.ExpectedInvalidParameter, "client_id", status.Description)
		}
	}

	// [Test 3] Missing client_secret
	response, _ = http.Post(ts.URL, "application/x-www-form-urlencoded", strings.NewReader(fmt.Sprintf("grant_type=%s&client_id=%s", AuthorizationCodeGrant, u.ClientID.Hex())))
	status = util.ParseStatus(response)
	if status.Description != fmt.Sprintf(InvalidParameter, "client_secret") {
		t.Errorf(test.ExpectedInvalidParameter, "client_secret", status.Description)
	}
}
func Test_TokenGrant_refreshTokenFlow_MissingRefreshToken(t *testing.T) {
	u := new(TestUnit)
	defer u.Teardown()
	u.Setup()

	// Setup server
	controller := new(TokenGrant)
	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		context := createRequestContext(r, w)
		defer recovery(context, true)

		controller.HandleForm(context, nil)
	}))
	defer ts.Close()

	// Send first request to get refresh token
	response, _ := http.Post(ts.URL, "application/x-www-form-urlencoded", strings.NewReader(fmt.Sprintf("grant_type=%s&client_id=%s&client_secret=%s&username=%s&password=%s",
		PasswordGrant,
		u.ClientID.Hex(),
		u.ClientSecret.Hex(),
		u.Username,
		u.Password,
	)))

	// Send second request
	response, _ = http.Post(ts.URL, "application/x-www-form-urlencoded", strings.NewReader(fmt.Sprintf("grant_type=%s&client_id=%s&client_secret=%s",
		RefreshTokenGrant,
		u.ClientID.Hex(),
		u.ClientSecret.Hex(),
	)))
	status := util.ParseStatus(response)
	if status == nil {
		t.Error(test.ExpectedNotNil)
	} else {
		if status.Code != 400 {
			t.Errorf(test.ExpectedNumberButFoundNumber, 400, status.Code)
		}
		if status.Description != fmt.Sprintf(InvalidParameter, "refresh_token") {
			t.Errorf(test.ExpectedInvalidParameter, "refresh_token", status.Description)
		}
	}
}