fix: remove deprecated passing of scope with consent results

BREAKING CHANGE: Passing `scope` to interaction result's `consent` property is no longer supported
panva · Sep 26, 2018 · 35f13bc · 35f13bc
1 parent 6b3d2cb
commit 35f13bc
Show file tree

Hide file tree

Showing 3 changed files with 1 addition and 68 deletions.
diff --git a/lib/actions/authorization/resume.js b/lib/actions/authorization/resume.js
@@ -1,5 +1,4 @@
 const url = require('url');
-const { deprecate } = require('util');
 
 const uuid = require('uuid/v4');
 const _ = require('lodash');
@@ -8,8 +7,6 @@ const { SessionNotFound } = require('../../helpers/errors');
 const instance = require('../../helpers/weak_cache');
 const getParams = require('../../helpers/params');
 
-const deprecated = deprecate(() => {}, 'passing scope is deprecated, use rejectedScopes and rejectedClaims instead');
-
 module.exports = function getResumeAction(provider, whitelist, resumeRouteName) {
   const Params = getParams(whitelist);
   return async function resumeAction(ctx, next) {
@@ -65,12 +62,7 @@ module.exports = function getResumeAction(provider, whitelist, resumeRouteName)
     }
 
     if (result && result.consent) {
-      const { scope, rejectedClaims, rejectedScopes } = result.consent;
-
-      if (scope !== undefined) {
-        deprecated();
-        params.scope = String(scope);
-      }
+      const { rejectedClaims, rejectedScopes } = result.consent;
 
       if (rejectedClaims) {
         session.rejectedClaimsFor(params.client_id, rejectedClaims);

diff --git a/test/device_code/device_resume.test.js b/test/device_code/device_resume.test.js
@@ -371,33 +371,6 @@ describe('device interaction resume /device/:user_code/:grant/', () => {
       expect(code).to.have.property('scope', 'openid offline_access');
     });
 
-    it('should use the scope from resume cookie if provided', async function () {
-      const spy = sinon.spy(i(this.provider).configuration(), 'deviceCodeSuccess');
-
-      setup.call(this, {
-        scope: 'openid offline_access',
-      }, {
-        login: {
-          account: uuid(),
-          remember: true,
-        },
-        consent: {
-          scope: 'openid',
-        },
-      });
-
-      await this.agent.get(path)
-        .accept('text/html')
-        .expect(() => {
-          expect(spy.calledOnce).to.be.true;
-        })
-        .expect(200);
-
-      const code = await this.provider.DeviceCode.findByUserCode(userCode);
-      expect(code).to.have.property('accountId');
-      expect(code).to.have.property('scope', 'openid');
-    });
-
     it('if not resolved returns consent_required error', async function () {
       const spy = sinon.spy(i(this.provider).configuration(), 'userCodeInputSource');
 

diff --git a/test/interaction/interaction.test.js b/test/interaction/interaction.test.js
@@ -334,38 +334,6 @@ describe('resume after interaction', () => {
         });
     });
 
-    it('should use the scope from resume cookie if provided', function () {
-      const auth = new this.AuthorizationRequest({
-        response_type: 'code',
-        scope: 'openid',
-      });
-
-      setup.call(this, auth, {
-        login: {
-          account: uuid(),
-          remember: true,
-        },
-        consent: {
-          scope: 'openid profile',
-        },
-      });
-
-      let authorizationCode;
-
-      this.provider.once('token.issued', (code) => {
-        authorizationCode = code;
-      });
-
-      return this.agent.get('/auth/resume')
-        .expect(() => {
-          this.provider.removeAllListeners('token.issued');
-        })
-        .expect(() => {
-          expect(authorizationCode).to.be.ok;
-          expect(authorizationCode).to.have.property('scope', 'openid profile');
-        });
-    });
-
     it('if not resolved returns consent_required error', function () {
       const auth = new this.AuthorizationRequest({
         response_type: 'code',