Prepare for multi-arity form of state verify.

jaredhanson · jaredhanson · commit f0d70f931100 · 2016-03-29T18:31:02.000-07:00
diff --git a/lib/strategy.js b/lib/strategy.js
@@ -149,13 +149,12 @@ OAuth2Strategy.prototype.authenticate = function(req, options) {
   }
 
   if (req.query && req.query.code) {
-    var state = req.query.state;
-    this._stateStore.verify(req, state, function(err, ok, info) {
+    function loaded(err, ok, info) {
       if (err) { return self.error(err); }
       if (!ok) {
         return self.fail(info, 403);
       }
-      
+  
       var code = req.query.code;
 
       var params = self.tokenParams(options);
@@ -197,7 +196,10 @@ OAuth2Strategy.prototype.authenticate = function(req, options) {
           });
         }
       );
-    });
+    }
+    
+    var state = req.query.state;
+    this._stateStore.verify(req, state, loaded);
   } else {
     var params = this.authorizationParams(options);
     params.response_type = 'code';
diff --git a/test/oauth2.state.custom.test.js b/test/oauth2.state.custom.test.js
@@ -25,7 +25,9 @@ describe('OAuth2Strategy', function() {
       return cb(null, 'foos7473');
     };
     
-    CustomStore.prototype.verify = function(req, state, meta, cb) {
+    CustomStore.prototype.verify = function(req, state, cb) {
+      req.customStoreVerifyCalled = req.customStoreVerifyCalled ? req.customStoreVerifyCalled++ : 1;
+      return cb(null, true);
     };
     
     
@@ -61,7 +63,7 @@ describe('OAuth2Strategy', function() {
           expect(url).to.equal('https://www.example.com/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fwww.example.net%2Fauth%2Fexample%2Fcallback&state=foos7473&client_id=ABC123');
         });
       
-        it('should store request token in custom store', function() {
+        it('should serialize state using custom store', function() {
           expect(request.customStoreStoreCalled).to.equal(1);
         });
       }); // that redirects to service provider
@@ -112,6 +114,73 @@ describe('OAuth2Strategy', function() {
       
     }); // issuing authorization request
     
+    
+    describe('processing response to authorization request', function() {
+      var strategy = new OAuth2Strategy({
+        authorizationURL: 'https://www.example.com/oauth2/authorize',
+        tokenURL: 'https://www.example.com/oauth2/token',
+        clientID: 'ABC123',
+        clientSecret: 'secret',
+        callbackURL: 'https://www.example.net/auth/example/callback',
+        store: new CustomStore()
+      },
+      function(accessToken, refreshToken, profile, done) {
+        if (accessToken !== '2YotnFZFEjr1zCsicMWpAA') { return done(new Error('incorrect accessToken argument')); }
+        if (refreshToken !== 'tGzv3JOkF0XG5Qx2TlKWIA') { return done(new Error('incorrect refreshToken argument')); }
+        if (typeof profile !== 'object') { return done(new Error('incorrect profile argument')); }
+        if (Object.keys(profile).length !== 0) { return done(new Error('incorrect profile argument')); }
+
+        return done(null, { id: '1234' }, { message: 'Hello' });
+      });
+
+      strategy._oauth2.getOAuthAccessToken = function(code, options, callback) {
+        if (code !== 'SplxlOBeZQQYbYS6WxSbIA') { return callback(new Error('incorrect code argument')); }
+        if (options.grant_type !== 'authorization_code') { return callback(new Error('incorrect options.grant_type argument')); }
+        if (options.redirect_uri !== 'https://www.example.net/auth/example/callback') { return callback(new Error('incorrect options.redirect_uri argument')); }
+
+        return callback(null, '2YotnFZFEjr1zCsicMWpAA', 'tGzv3JOkF0XG5Qx2TlKWIA', { token_type: 'example' });
+      }
+      
+      
+      describe('that was approved', function() {
+        var request
+          , user
+          , info;
+
+        before(function(done) {
+          chai.passport.use(strategy)
+            .success(function(u, i) {
+              user = u;
+              info = i;
+              done();
+            })
+            .req(function(req) {
+              request = req;
+          
+              req.query = {};
+              req.query.code = 'SplxlOBeZQQYbYS6WxSbIA';
+              req.query.state = 'foos7473';
+            })
+            .authenticate();
+        });
+
+        it('should supply user', function() {
+          expect(user).to.be.an.object;
+          expect(user.id).to.equal('1234');
+        });
+
+        it('should supply info', function() {
+          expect(info).to.be.an.object;
+          expect(info.message).to.equal('Hello');
+        });
+    
+        it('should verify state using custom store', function() {
+          expect(request.customStoreVerifyCalled).to.equal(1);
+        });
+      }); // that was approved
+      
+    }); // processing response to authorization request
+    
   }); // with custom state store that accepts meta argument
   
 });
