From 82008b776048e0606a1dae4cfd219fd43b646a2b Mon Sep 17 00:00:00 2001
From: Bejoy Mathew <bmatthew@ep.com>
Date: Mon, 22 Aug 2016 11:07:10 -0700
Subject: [PATCH 1/4] Updated the authentication call to check for the OAuth
 param for errors. If there is error, the code will now throw an
 InternalOAuthError with the error details.

---
 lib/strategy.js | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/strategy.js b/lib/strategy.js
index 01d78b1..49d275c 100644
--- a/lib/strategy.js
+++ b/lib/strategy.js
@@ -163,8 +163,13 @@ OAuth2Strategy.prototype.authenticate = function(req, options) {
 
       self._oauth2.getOAuthAccessToken(code, params,
         function(err, accessToken, refreshToken, params) {
-          if (err) { return self.error(self._createOAuthError('Failed to obtain access token', err)); }
-
+          if (err) { return self.error(self._createOAuthError('Failed to obtain access token', err));
+          if (params.error) {
+            var error = new Object();
+            error.statusCode =  params.error;
+            error.data = params.error_description;
+            return self.error(self._createOAuthError('Failed to obtain access token', error));
+          }
           self._loadUserProfile(accessToken, function(err, profile) {
             if (err) { return self.error(err); }
 

From 4db350d6940baad1fe833ecb09121ecd9b9b20b5 Mon Sep 17 00:00:00 2001
From: Bejoy Mathew <bmatthew@ep.com>
Date: Mon, 22 Aug 2016 13:10:55 -0700
Subject: [PATCH 2/4] Fixed a typo error in code

---
 lib/strategy.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/strategy.js b/lib/strategy.js
index 49d275c..3e4faef 100644
--- a/lib/strategy.js
+++ b/lib/strategy.js
@@ -163,7 +163,7 @@ OAuth2Strategy.prototype.authenticate = function(req, options) {
 
       self._oauth2.getOAuthAccessToken(code, params,
         function(err, accessToken, refreshToken, params) {
-          if (err) { return self.error(self._createOAuthError('Failed to obtain access token', err));
+          if (err) { return self.error(self._createOAuthError('Failed to obtain access token', err));}
           if (params.error) {
             var error = new Object();
             error.statusCode =  params.error;

From 230bd538153a506a2f3abdc8e4e981c83ea8514d Mon Sep 17 00:00:00 2001
From: Bejoy Mathew <bmatthew@ep.com>
Date: Mon, 22 Aug 2016 13:54:31 -0700
Subject: [PATCH 3/4] Updated the code to test the new feature and increase the
 coverage

---
 test/oauth2.test.js | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/test/oauth2.test.js b/test/oauth2.test.js
index f3949f0..0a223e3 100644
--- a/test/oauth2.test.js
+++ b/test/oauth2.test.js
@@ -1168,6 +1168,46 @@ describe('OAuth2Strategy', function() {
         expect(err.oauthError.data).to.equal('Something went wrong');
       });
     }); // that errors due to token request error, in node-oauth object literal form with text body
+
+    describe('that errors due to token request error, param object contains errors', function() {
+      var strategy = new OAuth2Strategy({
+            authorizationURL: 'https://www.example.com/oauth2/authorize',
+            tokenURL: 'https://www.example.com/oauth2/token',
+            clientID: 'ABC123',
+            clientSecret: 'secret',
+            callbackURL: 'https://www.example.net/auth/example/callback',
+          },
+          function(accessToken, refreshToken, params, profile, done) {
+            return done(new Error('verify callback should not be called'));
+          });
+
+      strategy._oauth2.getOAuthAccessToken = function(code, options, callback) {
+        return callback(null, '2YotnFZFEjr1zCsicMWpAA', 'tGzv3JOkF0XG5Qx2TlKWIA', { error: 500, error_description: 'Something went wrong' });
+      }
+
+
+      var param;
+
+      before(function(done) {
+        chai.passport.use(strategy)
+            .error(function(e) {
+              param = e;
+              done();
+            })
+            .req(function(req) {
+              req.query = {};
+              req.query.code = 'SplxlOBeZQQYbYS6WxSbIA';
+            })
+            .authenticate();
+      });
+
+      it('should error', function() {
+        expect(param).to.be.an.instanceof(InternalOAuthError)
+        expect(param.message).to.equal('Failed to obtain access token');
+        expect(param.oauthError.statusCode).to.equal(500);
+        expect(param.oauthError.data).to.equal('Something went wrong');
+      });
+    }); // that errors due to token request error, in node-oauth object literal form with text body
     
     describe('that errors due to verify callback supplying error', function() {
       var strategy = new OAuth2Strategy({

From 97cb7044e12433dd6a6415763913f0db3becd5a0 Mon Sep 17 00:00:00 2001
From: Bejoy Mathew <bmatthew@ep.com>
Date: Mon, 22 Aug 2016 17:41:56 -0700
Subject: [PATCH 4/4] Updated the minor version to reflect the change

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 3ee8418..3ff1383 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "passport-oauth2",
-  "version": "1.3.0",
+  "version": "1.3.1",
   "description": "OAuth 2.0 authentication strategy for Passport.",
   "keywords": [
     "passport",