Merge 3a867d9 into 81f24a4
kbeyer committed Oct 14, 2013
2 parents 81f24a4 + 3a867d9 commit 906c322
Showing 2 changed files with 157 additions and 0 deletions.
4 changes: 4 additions & 0 deletions lib/strategy.js
Expand Up @@ -100,6 +100,7 @@ function OAuth2Strategy(options, verify) {
this._key = options.sessionKey || ('oauth2:' + url.parse(options.authorizationURL).hostname);
this._trustProxy = options.proxy;
this._passReqToCallback = options.passReqToCallback;
this._passSourceQueryViaState = options.passSourceQueryViaState;
this._skipUserProfile = (options.skipUserProfile === undefined) ? false : options.skipUserProfile;
}

Expand Down Expand Up @@ -229,6 +230,9 @@ OAuth2Strategy.prototype.authenticate = function(req, options) {
if (!req.session[key]) { req.session[key] = {}; }
req.session[key].state = state;
params.state = state;
} else if(this._passSourceQueryViaState){
// pass request params via oAuth state property
params.state = JSON.stringify(req.query);
}

var location = this._oauth2.getAuthorizeUrl(params);
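Review bot: The new `else if` branch in the second hunk sets `params.state = JSON.stringify(req.query)` only when the session-bound `state` option is off, so in this mode the OAuth state parameter carries unauthenticated, client-controlled data and no longer acts as the CSRF token the branch above it provides; anything read back from `req.query.state` on the callback (as the added tests do with `JSON.parse`) is simply what the browser supplied. The branch also reflects the entire incoming query into the authorization redirect with no size bound, and the serialized value is not encoded here — presumably `getAuthorizeUrl` handles that, but it is outside the hunk. A safer shape is to keep the random session-bound state and store the source query in `req.session[key]` under it, or to sign the serialized query before placing it in state; at minimum the option should be documented where it is assigned in the first hunk: `// passSourceQueryViaState: state is client-supplied on return and is NOT verified; it must not be relied on for CSRF protection`. The enclosing `authenticate` function starts and ends outside the hunk.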
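--- a/test/oath2.passquery.test.js
+++ b/test/oath2.passquery.test.js
@@ -0,0 +1,153 @@
+var chai = require('chai')
+, OAuth2Strategy = require('../lib/strategy');
+
+
+describe('OAuth2Strategy', function() {
+
+describe('passing query params via state property to verify callback', function() {
+
+var strategy = new OAuth2Strategy({
+authorizationURL: 'https://www.example.com/oauth2/authorize',
+tokenURL: 'https://www.example.com/oauth2/token',
+clientID: 'ABC123',
+clientSecret: 'secret',
+callbackURL: 'https://www.example.net/auth/example/callback',
+passReqToCallback: true,
+passSourceQueryViaState: true
+},
+function(req, accessToken, refreshToken, profile, done) {
+if (Object.keys(profile).length !== 0) { return done(null, false); }
+
+console.log('query before check: ' + JSON.stringify(req.query));
+if(!req.query.state){ return done(null, false); }
+
+var passThroughParams = JSON.parse( decodeURIComponent( req.query.state) );
+if(!passThroughParams || passThroughParams.foo !== 'bar'){ return done(null, false); }
+
+if (accessToken == '2YotnFZFEjr1zCsicMWpAA' && refreshToken == 'tGzv3JOkF0XG5Qx2TlKWIA') {
+return done(null, { id: '1234' }, { message: 'Hello', foo: req.headers['x-foo'] });
+}
+return done(null, false);
+});
+
+// inject a "mock" oauth2 instance
+strategy._oauth2.getOAuthAccessToken = function(code, options, callback) {
+if (options.grant_type !== 'authorization_code') { return callback(null, 'wrong-access-token', 'wrong-refresh-token'); }
+
+if (code == 'SplxlOBeZQQYbYS6WxSbIA' && options.redirect_uri == 'https://www.example.net/auth/example/callback') {
+callback(null, '2YotnFZFEjr1zCsicMWpAA', 'tGzv3JOkF0XG5Qx2TlKWIA', { token_type: 'example' });
+} else {
+callback(null, 'wrong-access-token', 'wrong-refresh-token');
+}
+}
+
+describe('handling an authorized return request', function() {
+var user
+, info;
+
+before(function(done) {
+chai.passport(strategy)
+.success(function(u, i) {
+user = u;
+info = i;
+done();
+})
+.req(function(req) {
+req.headers['x-foo'] = 'hello';
+req.query = {};
+req.query.code = 'SplxlOBeZQQYbYS6WxSbIA';
+req.query.state = encodeURIComponent( JSON.stringify({foo: 'bar'}) );
+})
+.authenticate();
+});
+
+it('should supply user', function() {
+expect(user).to.be.an.object;
+expect(user.id).to.equal('1234');
+});
+
+it('should supply info', function() {
+expect(info).to.be.an.object;
+expect(info.message).to.equal('Hello');
+});
+
+it('should supply request header in info', function() {
+expect(info.foo).to.equal('hello');
+});
+});
+});
+
+describe('passing query params via state property to verify callback that accepts params', function() {
+
+var strategy = new OAuth2Strategy({
+authorizationURL: 'https://www.example.com/oauth2/authorize',
+tokenURL: 'https://www.example.com/oauth2/token',
+clientID: 'ABC123',
+clientSecret: 'secret',
+callbackURL: 'https://www.example.net/auth/example/callback',
+passReqToCallback: true
+},
+function(req, accessToken, refreshToken, params, profile, done) {
+if (params.example_parameter !== 'example_value') { return done(null, false); }
+if (Object.keys(profile).length !== 0) { return done(null, false); }
+
+if(!req.query.state){ return done(null, false); }
+
+var passThroughParams = JSON.parse( decodeURIComponent( req.query.state) );
+if(!passThroughParams || passThroughParams.foo !== 'bar'){ return done(null, false); }
+
+if (accessToken == '2YotnFZFEjr1zCsicMWpAA' && refreshToken == 'tGzv3JOkF0XG5Qx2TlKWIA') {
+return done(null, { id: '1234' }, { message: 'Hello', foo: req.headers['x-foo'] });
+}
+return done(null, false);
+});
+
+// inject a "mock" oauth2 instance
+strategy._oauth2.getOAuthAccessToken = function(code, options, callback) {
+if (options.grant_type !== 'authorization_code') { return callback(null, 'wrong-access-token', 'wrong-refresh-token'); }
+
+if (code == 'SplxlOBeZQQYbYS6WxSbIA' && options.redirect_uri == 'https://www.example.net/auth/example/callback') {
+callback(null, '2YotnFZFEjr1zCsicMWpAA', 'tGzv3JOkF0XG5Qx2TlKWIA', { token_type: 'example', expires_in: 3600, example_parameter: 'example_value' });
+} else {
+callback(null, 'wrong-access-token', 'wrong-refresh-token');
+}
+}
+
+describe('handling an authorized return request', function() {
+var user
+, info;
+
+before(function(done) {
+chai.passport(strategy)
+.success(function(u, i) {
+user = u;
+info = i;
+done();
+})
+.req(function(req) {
+req.headers['x-foo'] = 'hello';
+req.query = {};
+req.query.code = 'SplxlOBeZQQYbYS6WxSbIA';
+req.query.state = encodeURIComponent( JSON.stringify({foo: 'bar'}) );
+})
+.authenticate();
+});
+
+it('should supply user', function() {
+expect(user).to.be.an.object;
+expect(user.id).to.equal('1234');
+});
+
+it('should supply info', function() {
+expect(info).to.be.an.object;
+expect(info.message).to.equal('Hello');
+});
+
+it('should supply request header in info', function() {
+expect(info.foo).to.equal('hello');
+});
+});
+});
+
+
+});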
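Review bot: Neither suite exercises the branch this commit adds: both requests carry `req.query.code`, so `authenticate` takes the callback path, and `req.query.state` is set by hand in the `.req()` hooks rather than produced by `params.state = JSON.stringify(req.query)`, which only runs on the redirect to the authorization server; the second suite does not even enable `passSourceQueryViaState`. A test that omits `code`, enables the option, and asserts on the redirect location (chai-passport-strategy's redirect hook, if the project's version has it) would actually pin the new behaviour, and a companion case with a malformed `state` (e.g. `req.query.state = '%7Bnot-json'`) would document that `JSON.parse(decodeURIComponent(...))` in the verify callbacks throws on attacker-controlled input and is the caller's responsibility to guard. Smaller points: `expect` is used without `var expect = chai.expect;` and presumably relies on a global set elsewhere, the `console.log` at the start of the first verify callback looks like leftover debugging, and the file name `oath2.passquery.test.js` appears to be a typo for `oauth2`.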
