set response_on_fragment for error_response in pre_authorization by r…

…esponse_type
doorkeeper-gem · Nov 17, 2019 · c70acc9 · c70acc9
1 parent fabe4ea
commit c70acc9
Show file tree

Hide file tree

Showing 2 changed files with 58 additions and 3 deletions.
diff --git a/lib/doorkeeper/openid_connect/oauth/pre_authorization.rb b/lib/doorkeeper/openid_connect/oauth/pre_authorization.rb
@@ -8,6 +8,22 @@ def initialize(server, attrs = {})
           super
           @nonce = attrs[:nonce]
         end
+
+        # This method will be updated when doorkeeper move to version > 5.2.2
+        # TODO: delete this method and refactor response_on_fragment? method (below) when doorkeeper gem version constrains is > 5.2.2
+        def error_response
+          if error == :invalid_request
+            Doorkeeper::OAuth::InvalidRequestResponse.from_request(self, response_on_fragment: response_on_fragment?)
+          else
+            Doorkeeper::OAuth::ErrorResponse.from_request(self, response_on_fragment: response_on_fragment?)
+          end
+        end
+
+        private
+
+        def response_on_fragment?
+          response_type == "token" || response_type == "id_token" || response_type == "id_token token"
+        end
       end
     end
   end

diff --git a/spec/lib/oauth/pre_authorization_spec.rb b/spec/lib/oauth/pre_authorization_spec.rb
@@ -1,12 +1,51 @@
 require 'rails_helper'
 
 describe Doorkeeper::OpenidConnect::OAuth::PreAuthorization do
-  subject { Doorkeeper::OAuth::PreAuthorization.new server, { nonce: '123456' } }
+  subject { Doorkeeper::OAuth::PreAuthorization.new server, attrs }
   let(:server) { double }
+  let(:attrs) {}
 
   describe '#initialize' do
-    it 'stores the nonce attribute' do
-      expect(subject.nonce).to eq '123456'
+    context 'with nonce parameter' do
+      let(:attrs) { { nonce: '123456' } }
+
+      it 'stores the nonce attribute' do
+        expect(subject.nonce).to eq '123456'
+      end
+    end
+  end
+
+  describe '#error_response' do
+    context 'with response_type = code' do
+      let(:attrs) { { response_type: 'code', redirect_uri: 'client.com/callback' } }
+
+      it 'should redirect to redirect_uri with query parameter' do
+        expect(subject.error_response.redirect_uri).to match(/#{attrs[:redirect_uri]}\?/)
+      end
+    end
+
+    context 'with response_type = token' do
+      let(:attrs) { { response_type: 'token', redirect_uri: 'client.com/callback' } }
+
+      it 'should redirect to redirect_uri with fragment' do
+        expect(subject.error_response.redirect_uri).to match(/#{attrs[:redirect_uri]}#/)
+      end
+    end
+
+    context 'with response_type = id_token' do
+      let(:attrs) { { response_type: 'id_token', redirect_uri: 'client.com/callback' } }
+
+      it 'should redirect to redirect_uri with fragment' do
+        expect(subject.error_response.redirect_uri).to match(/#{attrs[:redirect_uri]}#/)
+      end
+    end
+
+    context 'with response_type = id_token token' do
+      let(:attrs) { { response_type: 'id_token token', redirect_uri: 'client.com/callback' } }
+
+      it 'should redirect to redirect_uri with fragment' do
+        expect(subject.error_response.redirect_uri).to match(/#{attrs[:redirect_uri]}#/)
+      end
     end
   end
 end