Add test case and avoid parsing internal OAuth error when it doesn't …

…exist.
jaredhanson · Sep 24, 2021 · 8e3bcdf · 8e3bcdf
1 parent 4f8f86c
commit 8e3bcdf
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 1 deletion.
diff --git a/lib/strategy.js b/lib/strategy.js
@@ -174,7 +174,8 @@ OAuth2Strategy.prototype.authenticate = function(req, options) {
 
       self._oauth2.getOAuthAccessToken(code, params,
         function(err, accessToken, refreshToken, params) {
-          if (err || !accessToken) { return self.error(self._createOAuthError('Failed to obtain access token', err)); }
+          if (err) { return self.error(self._createOAuthError('Failed to obtain access token', err)); }
+          if (!accessToken) { return self.error(new Error('Failed to obtain access token')); }
 
           self._loadUserProfile(accessToken, function(err, profile) {
             if (err) { return self.error(err); }

diff --git a/test/oauth2.test.js b/test/oauth2.test.js
@@ -1256,6 +1256,45 @@ describe('OAuth2Strategy', function() {
       });
     }); // that errors due to token request error, in node-oauth object literal form with text body
 
+    describe('that errors due to not receiving an access token', function() {
+      var strategy = new OAuth2Strategy({
+        authorizationURL: 'https://www.example.com/oauth2/authorize',
+        tokenURL: 'https://www.example.com/oauth2/token',
+        clientID: 'ABC123',
+        clientSecret: 'secret',
+        callbackURL: 'https://www.example.net/auth/example/callback',
+      },
+      function(accessToken, refreshToken, params, profile, done) {
+        return done(new Error('something went wrong'));
+      });
+
+      strategy._oauth2.getOAuthAccessToken = function(code, options, callback) {
+        return callback(null, undefined, undefined, undefined);
+      }
+
+
+      var err;
+
+      before(function(done) {
+        chai.passport.use(strategy)
+          .error(function(e) {
+            err = e;
+            done();
+          })
+          .req(function(req) {
+            req.query = {};
+            req.query.code = 'SplxlOBeZQQYbYS6WxSbIA';
+          })
+          .authenticate();
+      });
+
+      it('should error', function() {
+        expect(err).to.be.an.instanceof(Error);
+        expect(err).to.not.be.an.instanceof(InternalOAuthError)
+        expect(err.message).to.equal('Failed to obtain access token');
+      });
+    }); // that errors due to not receiving an access token
+
     describe('that errors due to verify callback supplying error', function() {
       var strategy = new OAuth2Strategy({
         authorizationURL: 'https://www.example.com/oauth2/authorize',