Skip to content

Commit

Permalink
handle oauth user rejection for v2 as well
Browse files Browse the repository at this point in the history
  • Loading branch information
@chmanie
chmanie committed Nov 7, 2014
1 parent bdafb64 commit 96f5ae7
Show file tree
Hide file tree
Showing 2 changed files with 46 additions and 0 deletions.
5 changes: 5 additions & 0 deletions lib/oauth.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -127,6 +127,11 @@ exports.v2 = function (settings) {
var cookie = settings.cookie;
var name = settings.name;

// Bail if the upstream service returns an error
if (request.query.error === 'access_denied' || request.query.denied) {
return reply(Boom.internal('App was rejected'));
}

// Sign-in Initialization

if (!request.query.code) {
Expand Down
41 changes: 41 additions & 0 deletions test/oauth.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -923,6 +923,47 @@ describe('Bell', function () {
});
});

it('errors on rejected query parameter', function (done) {

var mock = new Mock.V2();
mock.start(function (provider) {

var server = new Hapi.Server('localhost');
server.pack.register(Bell, function (err) {

expect(err).to.not.exist();

server.auth.strategy('custom', 'bell', {
password: 'password',
isSecure: false,
clientId: 'test',
clientSecret: 'secret',
provider: provider,
providerParams: { special: true }
});

server.route({
method: '*',
path: '/login',
config: {
auth: 'custom',
handler: function (request, reply) {

reply(request.auth.credentials);
}
}
});

server.inject('/login?error=access_denied', function (res) {

expect(res.statusCode).to.equal(500);
done();

});
});
});
});

it('passes profile get params', { parallel: false }, function (done) {

var mock = new Mock.V2();
Expand Down

0 comments on commit 96f5ae7

Please sign in to comment.