fix: [ory#628] Add more error checking in tests and standardize confi…

…g error messages
vivshankar · Jul 11, 2022 · 9bfe344 · 9bfe344
1 parent ef94374
commit 9bfe344
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 6 deletions.
diff --git a/authorize_request_handler.go b/authorize_request_handler.go
@@ -295,7 +295,7 @@ func (f *Fosite) authorizeRequestFromPAR(ctx context.Context, r *http.Request, r
 
 	storage, ok := f.Store.(PARStorage)
 	if !ok {
-		return false, errorsx.WithStack(ErrServerError.WithDebug("Request failed because the 'PARStorage' interface is not implemented."))
+		return false, errorsx.WithStack(ErrServerError.WithHint(ErrorPARNotSupported).WithDebug(DebugPARStorageInvalid))
 	}
 
 	// hydrate the requester

diff --git a/handler/par/flow_pushed_authorize.go b/handler/par/flow_pushed_authorize.go
@@ -30,12 +30,12 @@ type PushedAuthorizeHandler struct {
 func (c *PushedAuthorizeHandler) HandlePushedAuthorizeEndpointRequest(ctx context.Context, ar fosite.AuthorizeRequester, resp fosite.PushedAuthorizeResponder) error {
 	configProvider, ok := c.Config.(fosite.PushedAuthorizeRequestConfigProvider)
 	if !ok {
-		return fmt.Errorf("unable to process the handler because the 'PushedAuthorizeRequestConfigProvider' has not been implemented.")
+		return errorsx.WithStack(fosite.ErrServerError.WithHint(fosite.ErrorPARNotSupported).WithDebug(fosite.DebugPARConfigMissing))
 	}
 
 	storage, ok := c.Storage.(fosite.PARStorage)
 	if !ok {
-		return errorsx.WithStack(fosite.ErrServerError.WithHint("OAuth 2.0 storage provider does not support Pushed Authorization Requests"))
+		return errorsx.WithStack(fosite.ErrServerError.WithHint(fosite.ErrorPARNotSupported).WithDebug(fosite.DebugPARStorageInvalid))
 	}
 
 	if !ar.GetResponseTypes().HasOneOf("token", "code", "id_token") {

diff --git a/integration/pushed_authorize_code_grant_test.go b/integration/pushed_authorize_code_grant_test.go
@@ -148,10 +148,15 @@ func runPushedAuthorizeCodeGrantTest(t *testing.T, strategy interface{}) {
 			err = json.Unmarshal(body, &m)
 
 			assert.NoError(t, err, "Error occurred when unamrshaling the body: %v", err)
-			assert.Condition(t, func() bool { return m["request_uri"].(string) != "" }, "request_uri is empty")
+
+			// validate request_uri
+			requestURI, _ := m["request_uri"].(string)
+			assert.NotEmpty(t, requestURI, "request_uri is empty")
 			assert.Condition(t, func() bool {
-				return strings.HasPrefix(m["request_uri"].(string), "urn:ietf:params:oauth:request_uri:")
-			}, "PAR Prefix is incorrect: %v", m["request_uri"].(string))
+				return strings.HasPrefix(requestURI, "urn:ietf:params:oauth:request_uri:")
+			}, "PAR Prefix is incorrect: %s", requestURI)
+
+			// validate expires_in
 			assert.EqualValues(t, 300, int(m["expires_in"].(float64)), "Invalid expires_in value=%v", m["expires_in"])
 
 			// call authorize
@@ -170,6 +175,8 @@ func runPushedAuthorizeCodeGrantTest(t *testing.T, strategy interface{}) {
 				return
 			}
 
+			require.NotEmpty(t, resp.Request.URL.Query().Get("code"), "Auth code is empty")
+
 			token, err := oauthClient.Exchange(goauth.NoContext, resp.Request.URL.Query().Get("code"))
 			require.NoError(t, err)
 			require.NotEmpty(t, token.AccessToken)

diff --git a/pushed_authorize_request_handler.go b/pushed_authorize_request_handler.go
@@ -9,6 +9,12 @@ import (
 	"github.com/ory/x/errorsx"
 )
 
+const (
+	ErrorPARNotSupported   = "The OAuth 2.0 provider does not support Pushed Authorization Requests"
+	DebugPARStorageInvalid = "'PARStorage' not implemented"
+	DebugPARConfigMissing  = "'PushedAuthorizeRequestConfigProvider' not implemented"
+)
+
 // NewPushedAuthorizeRequest validates the request and produces an AuthorizeRequester object that can be stored
 func (f *Fosite) NewPushedAuthorizeRequest(ctx context.Context, r *http.Request) (AuthorizeRequester, error) {
 	request := NewAuthorizeRequest()