client is already checked at pre_auth, so the pre_auth.client? is unn…

…ecessary
doorkeeper-gem · Nov 16, 2019 · 58d0e15 · 58d0e15
1 parent 967ba05
commit 58d0e15
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 16 deletions.
diff --git a/lib/doorkeeper/openid_connect/helpers/controller.rb b/lib/doorkeeper/openid_connect/helpers/controller.rb
@@ -19,7 +19,6 @@ def oidc_authorization_request?
           controller_path == Doorkeeper::Rails::Routes.mapping[:authorizations][:controllers] &&
             action_name == 'new' &&
             pre_auth.valid? &&
-            pre_auth.client &&
             pre_auth.scopes.include?('openid')
         end
 

diff --git a/spec/controllers/doorkeeper/authorizations_controller_spec.rb b/spec/controllers/doorkeeper/authorizations_controller_spec.rb
@@ -31,6 +31,12 @@ def expect_successful_callback!
   end
 
   describe '#authenticate_resource_owner!' do
+    it 'redirects to login form when not logged in' do
+      authorize! current_user: nil
+
+      expect(response).to redirect_to '/login'
+    end
+
     context 'with OIDC requests' do
       before do
         expect(controller).to receive(:handle_oidc_prompt_param!)
@@ -42,12 +48,6 @@ def expect_successful_callback!
 
         expect_authorization_form!
       end
-
-      it 'redirects to login form when not logged in' do
-        authorize! current_user: nil
-
-        expect(response).to redirect_to '/login'
-      end
     end
 
     context 'with non-OIDC requests' do
@@ -57,22 +57,37 @@ def expect_successful_callback!
       end
 
       it 'when action is not :new' do
-        get :show
+        get :show, params: {
+          response_type: 'code',
+          current_user: user.id,
+          client_id: application.uid,
+          scope: default_scopes,
+          redirect_uri: application.redirect_uri,
+        }
 
-        expect(response).to redirect_to '/login'
+        expect(response).to render_template('doorkeeper/authorizations/show')
       end
 
-      it 'when openid scope is not present' do
-        authorize!(scope: 'profile')
+      context 'when pre_authorization is invalid' do
+        it 'render error when client_id is missing' do
+          authorize!(client_id: nil)
 
-        expect_authorization_form!
+          expect(response).to be_successful
+          expect(response).to render_template('doorkeeper/authorizations/error')
+        end
+
+        it 'render error when response_type is missing' do
+          authorize!(response_type: nil)
+
+          expect(response).to be_successful
+          expect(response).to render_template('doorkeeper/authorizations/error')
+        end
       end
 
-      it 'when client_id and scope are missing' do
-        authorize!(client_id: nil, scope: nil)
+      it 'when openid scope is not present' do
+        authorize!(scope: 'profile')
 
-        expect(response).to be_successful
-        expect(response).to render_template('doorkeeper/authorizations/error')
+        expect_authorization_form!
       end
     end
   end