Modify an error information to include JSON into body response when access token is taken

Author: tsuyoshizawa

play2-oauth2-provider/src/main/scala/scalaoauth2/provider/OAuth2Provider.scala

@@ -48,7 +48,7 @@ trait OAuth2Provider extends Results {
   implicit def play2protectedResourceRequest(request: RequestHeader): ProtectedResourceRequest = {
     ProtectedResourceRequest(request.headers.toMap, request.queryString)
   }
-  
+
   implicit def play2protectedResourceRequest[A](request: Request[A]): ProtectedResourceRequest = {
     val param: Map[String, Seq[String]] = getParam(request)
     ProtectedResourceRequest(request.headers.toMap, param)
@@ -79,13 +79,13 @@ trait OAuth2Provider extends Results {
    */
   def issueAccessToken[A, U](dataHandler: DataHandler[U])(implicit request: play.api.mvc.Request[A]): SimpleResult = {
     TokenEndpoint.handleRequest(request, dataHandler) match {
-      case Left(e) if e.statusCode == 400 => responseOAuthError(BadRequest, e)
-      case Left(e) if e.statusCode == 401 => responseOAuthError(Unauthorized, e)
+      case Left(e) if e.statusCode == 400 => BadRequest(responseOAuthErrorJson(e))
+      case Left(e) if e.statusCode == 401 => Unauthorized(responseOAuthErrorJson(e))
       case Right(r) => Ok(Json.toJson(responseAccessToken(r)))
     }
   }
 
-  protected def responseAccessToken(r: GrantHandlerResult) = {
+  protected[scalaoauth2] def responseAccessToken(r: GrantHandlerResult) = {
     Map[String, JsValue](
       "token_type" -> JsString(r.tokenType),
       "access_token" -> JsString(r.accessToken)
@@ -110,16 +110,19 @@ trait OAuth2Provider extends Results {
    */
   def authorize[A, U](dataHandler: DataHandler[U])(callback: AuthInfo[U] => SimpleResult)(implicit request: play.api.mvc.Request[A]): SimpleResult = {
     ProtectedResource.handleRequest(request, dataHandler) match {
-      case Left(e) if e.statusCode == 400 => responseOAuthError(BadRequest, e)
-      case Left(e) if e.statusCode == 401 => responseOAuthError(Unauthorized, e)
+      case Left(e) if e.statusCode == 400 => BadRequest.withHeaders(responseOAuthErrorHeader(e))
+      case Left(e) if e.statusCode == 401 => Unauthorized.withHeaders(responseOAuthErrorHeader(e))
       case Right(authInfo) => callback(authInfo)
     }
   }
 
-  protected def responseOAuthError(result: SimpleResult, e: OAuthError) = result.withHeaders(
-    "WWW-Authenticate" -> ("Bearer " + toOAuthErrorString(e))
+  protected[scalaoauth2] def responseOAuthErrorJson(e: OAuthError): JsValue = Json.obj(
+    "error" -> e.errorType,
+    "error_description" -> e.description
   )
 
+  protected[scalaoauth2] def responseOAuthErrorHeader(e: OAuthError): (String, String) = ("WWW-Authenticate" -> ("Bearer " + toOAuthErrorString(e)))
+
   protected def toOAuthErrorString(e: OAuthError): String = {
     val params = Seq("error=\"" + e.errorType + "\"") ++
       (if (!e.description.isEmpty) { Seq("error_description=\"" + e.description + "\"") } else { Nil })

play2-oauth2-provider/src/test/scala/scalaoauth2/provider/OAuth2ProviderSpec.scala

@@ -0,0 +1,35 @@
+package scalaoauth2.provider
+
+import org.scalatest._
+import org.scalatest.Matchers._
+import scala.concurrent.Future
+import play.api.libs.json._
+
+class OAuth2ProviderSpec extends FlatSpec {
+
+  object TestOAuthProvider extends OAuth2Provider {
+    override def responseAccessToken(r: GrantHandlerResult) = super.responseAccessToken(r) ++ Map("custom_key" -> JsString("custom_value"))
+  }
+
+  it should "return including access token" in {
+    val map = TestOAuthProvider.responseAccessToken(GrantHandlerResult(tokenType = "Bearer", accessToken = "access_token", expiresIn = Some(3600), refreshToken = None, scope = None))
+    map.get("token_type") should contain (JsString("Bearer"))
+    map.get("access_token") should contain (JsString("access_token"))
+    map.get("expires_in") should contain (JsNumber(3600))
+    map.get("refresh_token") should be (None)
+    map.get("scope") should be (None)
+    map.get("custom_key") should contain (JsString("custom_value"))
+  }
+
+  it should "return error message as JSON" in {
+    val json = TestOAuthProvider.responseOAuthErrorJson(new InvalidRequest("request is invalid"))
+    (json \ "error").as[String] should be ("invalid_request")
+    (json \ "error_description").as[String] should be ("request is invalid")
+  }
+
+  it should "return error message to header" in {
+    val (name, value) = TestOAuthProvider.responseOAuthErrorHeader(new InvalidRequest("request is invalid"))
+    name should be ("WWW-Authenticate")
+    value should be ("""Bearer error="invalid_request", error_description="request is invalid"""")
+  }
+}

project/Build.scala

@@ -4,12 +4,16 @@ import Keys._
 object ScalaOAuth2Build extends Build {
 
   lazy val _organization = "com.nulab-inc"
-  lazy val _version =  "0.5.0"
+  lazy val _version =  "0.5.1"
   lazy val _playVersion =  "2.2.0"
 
   val _scalaVersion = "2.10.3"
   val _crossScalaVersions = Seq("2.9.3", "2.10.3")
 
+  val commonDependenciesInTestScope = Seq(
+    "org.scalatest" %% "scalatest" % "2.0" % "test"
+  )
+
   lazy val scalaOAuth2Core = Project(
     id = "scala-oauth2-core",
     base = file("scala-oauth2-core"),
@@ -22,9 +26,8 @@ object ScalaOAuth2Build extends Build {
       crossScalaVersions := _crossScalaVersions,
       scalacOptions ++= _scalacOptions,
       libraryDependencies ++= Seq(
-        "commons-codec" % "commons-codec" % "1.8",
-        "org.scalatest" %% "scalatest" % "2.0" % "test"
-      ),
+        "commons-codec" % "commons-codec" % "1.8"
+      ) ++ commonDependenciesInTestScope,
       publishTo <<= version { (v: String) => _publishTo(v) },
       publishMavenStyle := true,
       publishArtifact in Test := false,
@@ -47,7 +50,7 @@ object ScalaOAuth2Build extends Build {
       resolvers += "Typesafe repository" at "http://repo.typesafe.com/typesafe/releases/",
       libraryDependencies ++= Seq(
         "com.typesafe.play" %% "play" % _playVersion % "provided"
-      ),
+      ) ++ commonDependenciesInTestScope,
       publishTo <<= version { (v: String) => _publishTo(v) },
       publishMavenStyle := true,
       publishArtifact in Test := false,