handle oauth login user rejection
patrickkettner committed Oct 16, 2014
1 parent 3d30adf commit 571a95b
Showing 2 changed files with 42 additions and 1 deletion.
8 changes: 7 additions & 1 deletion lib/oauth.js
Expand Up @@ -22,6 +22,12 @@ exports.v1 = function (settings) {

var cookie = settings.cookie;
var name = settings.name;
var query = request.query;

// Bail if the upstream service returns an error
if (query.error === 'access_denied' || query.denied) {
return reply(Boom.internal('App was rejected'));
}

// Sign-in Initialization

Expand Down Expand Up @@ -467,4 +473,4 @@ internals.parse = function (payload) {
}

return Querystring.parse(payload);
};
};
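Review bot: The rejection check added in the first hunk answers with `Boom.internal(...)`, a 500, for what is a user decision rather than a server fault, and it sits ahead of the "Sign-in Initialization" step, so as far as the hunk shows any request carrying `?denied=...` or `?error=access_denied` gets a 500 whether or not a sign-in is in progress. That lets unauthenticated traffic inflate the server-error rate that alerting usually keys on, and it buries genuine upstream failures among user cancellations. A 4xx fits better, for example `return reply(Boom.forbidden('App was rejected'));`, with the status asserted in test/oauth.js adjusted to match. Only the literal `access_denied` value of `error` is handled, so other provider error responses still fall through to the normal flow; the enclosing handler starts and ends outside the hunk, so whether they are caught later cannot be confirmed from here.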
35 changes: 35 additions & 0 deletions test/oauth.js
Expand Up @@ -96,6 +96,41 @@ describe('Bell', function () {
});
});

it('errors on rejected query parameter', function (done) {

var server = new Hapi.Server('localhost');
server.pack.register(Bell, function (err) {

expect(err).to.not.exist;

server.auth.strategy('custom', 'bell', {
password: 'password',
isSecure: false,
clientId: 'test',
clientSecret: 'secret',
provider: 'twitter'
});

server.route({
method: '*',
path: '/login',
config: {
auth: 'custom',
handler: function (request, reply) {

reply(request.auth.credentials);
}
}
});

server.inject('/login?error=access_denied', function (res) {

expect(res.statusCode).to.equal(500);
done();
});
});
});

it('fails getting temporary credentials', function (done) {

var mock = new Mock.V1({ temporary: true });
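Review bot: The `query.denied` half of the new condition in lib/oauth.js is never exercised; this test injects only `/login?error=access_denied`, even though the strategy is configured with `provider: 'twitter'`. A second injection such as `server.inject('/login?denied=placeholder', function (res) { ... })` with the same status assertion would cover that branch. It is also worth asserting that the rejected response establishes no session, e.g. `expect(res.headers['set-cookie']).to.not.exist;`, since a status-code check alone does not show that.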
