Port handler tests in pull oauthjs#451 from dev branch.

jcdogo · jcdogo · commit a7a6a0a9fe35 · 2020-10-07T23:05:02.000-07:00
diff --git a/test/integration/handlers/authorize-handler.spec.ts b/test/integration/handlers/authorize-handler.spec.ts
@@ -424,6 +424,95 @@ describe('AuthorizeHandler integration', () => {
         });
     });
 
+    it('should redirect to a successful response if `model.validateScope` is not defined', function() {
+      var client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] };
+      var model = {
+        getAccessToken: function() {
+          return {
+            client: client,
+            user: {},
+            accessTokenExpiresAt: new Date(new Date().getTime() + 10000)
+          };
+        },
+        getClient: function() {
+          return client;
+        },
+        saveAuthorizationCode: function() {
+          return { authorizationCode: 12345, client: client };
+        }
+      };
+      var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model });
+      var request = new Request({
+        body: {
+          client_id: 12345,
+          response_type: 'code'
+        },
+        headers: {
+          'Authorization': 'Bearer foo'
+        },
+        method: 'POST',
+        query: {
+          scope: 'read',
+          state: 'foobar'
+        }
+      });
+      var response = new Response({ body: {}, headers: {} });
+
+      return handler.handle(request, response)
+        .then(function(data) {
+          data.should.eql({
+            authorizationCode: 12345,
+            client: client
+          });
+        });
+    });
+
+    it('should redirect to an error response if `scope` is insufficient', function() {
+      var client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] };
+      var model = {
+        getAccessToken: function() {
+          return {
+            client: client,
+            user: {},
+            accessTokenExpiresAt: new Date(new Date().getTime() + 10000)
+          };
+        },
+        getClient: function() {
+          return client;
+        },
+        saveAuthorizationCode: function() {
+          return { authorizationCode: 12345, client: client };
+        },
+        validateScope: function() {
+          return false;
+        }
+      };
+      var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model });
+      var request = new Request({
+        body: {
+          client_id: 12345,
+          response_type: 'code'
+        },
+        headers: {
+          'Authorization': 'Bearer foo'
+        },
+        method: 'POST',
+        query: {
+          scope: 'read',
+          state: 'foobar'
+        }
+      });
+      var response = new Response({ body: {}, headers: {} });
+
+      return handler.handle(request, response)
+        .then(() => {
+          should.fail('should.fail', '');
+        })
+        .catch(function() {
+          response.get('location').should.equal('http://example.com/cb?error=invalid_scope&error_description=Invalid%20scope%3A%20Requested%20scope%20is%20invalid');
+        });
+    });
+
     it('should redirect to an error response if `state` is missing', () => {
       const model = {
         getAccessToken: () => {
