From 6f40d03067fe3b76d71c9c5eeae1cbf2bc4e2db9 Mon Sep 17 00:00:00 2001 From: CJ Avilla Date: Thu, 18 Jul 2019 18:31:35 -0700 Subject: [PATCH] Clean up OAuth --- form/form.go | 5 ++++- oauth.go | 31 ++++++++----------------------- oauth/client.go | 3 ++- oauth/client_test.go | 42 ++++++++++++++++++++++++++++++++++++------ stripe.go | 7 ++----- 5 files changed, 52 insertions(+), 36 deletions(-) diff --git a/form/form.go b/form/form.go index 0da0df61c1..8008ea875f 100644 --- a/form/form.go +++ b/form/form.go @@ -546,7 +546,10 @@ func (f *Values) Encode() string { if buf.Len() > 0 { buf.WriteByte('&') } - buf.WriteString(v.Key) + key := url.QueryEscape(v.Key) + key = strings.Replace(key, "%5B", "[", -1) + key = strings.Replace(key, "%5D", "]", -1) + buf.WriteString(key) buf.WriteString("=") buf.WriteString(url.QueryEscape(v.Value)) } diff --git a/oauth.go b/oauth.go index cb8aad3f1e..3769d7b424 100644 --- a/oauth.go +++ b/oauth.go @@ -40,17 +40,6 @@ const ( OAuthStripeUserGenderMale OAuthStripeUserGender = "male" ) -// OAuthError is the type of errors raised when failing authorization. -type OAuthError string - -// List of supported OAuthError values. -const ( - OAuthErrorInvalidGrant OAuthError = "invalid_grant" - OAuthErrorInvalidRequest OAuthError = "invalid_request" - OAuthErrorInvalidScope OAuthError = "invalid_scope" - OAuthErrorUnsupportedGrantType OAuthError = "unsupported_grant_type" - OAuthErrorUnsupportedResponseType OAuthError = "unsupported_response_type" -) // DeauthorizeError the type of errors raised when failing authorization. type DeauthorizeError string @@ -72,9 +61,9 @@ type OAuthStripeUserParams struct { City *string `form:"city"` Country *string `form:"country"` Currency *string `form:"currency"` - DOBDay *uint64 `form:"dob_day"` - DOBMonth *uint64 `form:"dob_month"` - DOBYear *uint64 `form:"dob_year"` + DOBDay *int64 `form:"dob_day"` + DOBMonth *int64 `form:"dob_month"` + DOBYear *int64 `form:"dob_year"` Email *string `form:"email"` FirstName *string `form:"first_name"` FirstNameKana *string `form:"first_name_kana"` @@ -132,12 +121,10 @@ type OAuthTokenParams struct { // OAuthToken is the value of the OAuthToken from OAuth flow. // https://stripe.com/docs/connect/oauth-reference#post-token type OAuthToken struct { - Error OAuthError `json:"error"` - ErrorDescription string `json:"error_description"` - Livemode bool `json:"livemode"` - Scope OAuthScopeType `json:"scope"` - StripeUserID string `json:"stripe_user_id"` - TokenType OAuthTokenType `json:"token_type"` + Livemode bool `json:"livemode"` + Scope OAuthScopeType `json:"scope"` + StripeUserID string `json:"stripe_user_id"` + TokenType OAuthTokenType `json:"token_type"` // Deprecated, please use StripeUserID AccessToken string `json:"access_token"` @@ -148,7 +135,5 @@ type OAuthToken struct { // Deauthorize is the value of the return from deauthorizing. // https://stripe.com/docs/connect/oauth-reference#post-deauthorize type Deauthorize struct { - Error DeauthorizeError `json:"error"` - ErrorDescription string `json:"error_description"` - StripeUserID string `json:"stripe_user_id"` + StripeUserID string `json:"stripe_user_id"` } diff --git a/oauth/client.go b/oauth/client.go index 66cdbdcee0..106dabed6c 100644 --- a/oauth/client.go +++ b/oauth/client.go @@ -35,7 +35,8 @@ func (c Client) AuthorizeURL(params *stripe.AuthorizeURLParams) string { qs := &form.Values{} form.AppendTo(qs, params) return fmt.Sprintf( - "https://connect.stripe.com%s/oauth/authorize?%s", + "%s%s/oauth/authorize?%s", + stripe.ConnectURL, express, qs.Encode(), ) diff --git a/oauth/client_test.go b/oauth/client_test.go index e11d80a9a4..8bfc65b400 100644 --- a/oauth/client_test.go +++ b/oauth/client_test.go @@ -46,9 +46,6 @@ func TestAuthorizeURLWithOptionalArgs(t *testing.T) { func TestAuthorizeURLWithStripeUser(t *testing.T) { stripe.ClientID = "ca_123" - var dobDay uint64 = 15 - var dobMonth uint64 = 10 - var dobYear uint64 = 2019 url := AuthorizeURL(&stripe.AuthorizeURLParams{ ResponseType: stripe.String("test-code"), StripeUser: &stripe.OAuthStripeUserParams{ @@ -61,9 +58,9 @@ func TestAuthorizeURLWithStripeUser(t *testing.T) { City: stripe.String("Elko"), Country: stripe.String("US"), Currency: stripe.String("USD"), - DOBDay: &dobDay, - DOBMonth: &dobMonth, - DOBYear: &dobYear, + DOBDay: stripe.Int64(15), + DOBMonth: stripe.Int64(10), + DOBYear: stripe.Int64(2019), Email: stripe.String("test@example.com"), FirstName: stripe.String("first-name"), FirstNameKana: stripe.String("first-name-kana"), @@ -211,6 +208,39 @@ func TestNewOAuthTokenWithCustomKey(t *testing.T) { assert.NotNil(t, token) } +func TestNewOAuthTokenWithError(t *testing.T) { + stripe.Key = "sk_123" + // stripe-mock doesn't support connect URL's so this stubs out the server. + + responseBody := `{"error":"invalid_grant","error_description": "Authorization code does not exist"}` + httpClient := NewTestClient(func(req *http.Request) *http.Response { + buf := new(bytes.Buffer) + buf.ReadFrom(req.Body) + reqBody := buf.String() + assert.Contains(t, reqBody, "client_secret=sk_999") + + return &http.Response{ + StatusCode: 400, + Body: ioutil.NopCloser(bytes.NewBufferString(responseBody)), + Header: make(http.Header), + } + }) + StubConnectBackend(httpClient) + + token, err := New(&stripe.OAuthTokenParams{ + ClientSecret: stripe.String("sk_999"), + }) + + assert.NotNil(t, token) + assert.NotNil(t, err) + + stripeErr := err.(*stripe.Error) + // TODO: I think this is what I want to test once we get the structure right. + assert.Equal(t, 400, stripeErr.HTTPStatusCode) + assert.Equal(t, "Authorization code does not exist", stripeErr.Msg) + assert.Equal(t, "invalid_grant", stripeErr.Type) +} + func TestDeauthorize(t *testing.T) { stripe.Key = "sk_123" diff --git a/stripe.go b/stripe.go index 8da9ce2280..6aa8cebf5b 100644 --- a/stripe.go +++ b/stripe.go @@ -71,7 +71,7 @@ var Key string // ClientID is the Stripe Client ID used by default for OAuth requests. // Relevant OAuth parameter types can also be initialized with a specific -// ClientID that will take precidence over this global ClientID. +// ClientID that will take precedence over this global ClientID. var ClientID string // @@ -777,7 +777,7 @@ func GetBackendWithConfig(backendType SupportedBackend, config *BackendConfig) B case ConnectBackend: if config.URL == "" { - config.URL = connectURL + config.URL = ConnectURL } config.URL = normalizeURL(config.URL) @@ -908,9 +908,6 @@ func StringSlice(v []string) []*string { const apiURL = "https://api.stripe.com" -// URL Base used for OAuth requests. -const connectURL = "https://connect.stripe.com" - // clientversion is the binding version const clientversion = "61.17.0"