diff --git a/lib/grant-types/abstract-grant-type.js b/lib/grant-types/abstract-grant-type.js
index 4fd02437..11d086e7 100644
--- a/lib/grant-types/abstract-grant-type.js
+++ b/lib/grant-types/abstract-grant-type.js
@@ -97,7 +97,7 @@ AbstractGrantType.prototype.validateScope = async function(user, client, scope)
 return validatedScope;
 } else {
- return scope;
+ return Promise.resolve(scope);
 }
 };
diff --git a/lib/grant-types/authorization-code-grant-type.js b/lib/grant-types/authorization-code-grant-type.js
index 2101462b..22e1823c 100644
--- a/lib/grant-types/authorization-code-grant-type.js
+++ b/lib/grant-types/authorization-code-grant-type.js
@@ -207,6 +207,7 @@ class AuthorizationCodeGrantType extends AbstractGrantType {
 }
 }
+
 /**
 * Export constructor.
 */
diff --git a/test/integration/grant-types/authorization-code-grant-type_test.js b/test/integration/grant-types/authorization-code-grant-type_test.js
index a4d69c40..3e0da229 100644
--- a/test/integration/grant-types/authorization-code-grant-type_test.js
+++ b/test/integration/grant-types/authorization-code-grant-type_test.js
@@ -88,7 +88,7 @@ describe('AuthorizationCodeGrantType integration', function() {
 e.message.should.equal('Missing parameter: `request`');
 }
 });
-
+
 it('should throw an error if `client` is invalid', function() {
 const client = {};
 const model = {
@@ -108,7 +108,7 @@ describe('AuthorizationCodeGrantType integration', function() {
 });
 it('should throw an error if `client` is missing', function() {
-
+
 const model = {
 getAuthorizationCode: function() { return { authorizationCode: 12345, expiresAt: new Date(new Date() * 2), user: {} }; },
 revokeAuthorizationCode: function() {},
diff --git a/test/unit/grant-types/authorization-code-grant-type_test.js b/test/unit/grant-types/authorization-code-grant-type_test.js
index c3502bee..c98aa156 100644
--- a/test/unit/grant-types/authorization-code-grant-type_test.js
+++ b/test/unit/grant-types/authorization-code-grant-type_test.js
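Review bot: The `Promise.resolve(...)` wrapper on the `else` branch of `validateScope` in `lib/grant-types/abstract-grant-type.js` is redundant, because the hunk header shows the function is declared `async` and an async function already returns a promise for whatever value it returns; `return scope;` gave callers the same result. What this branch does need is a comment on its security meaning: it hands the requested scope back unchanged, which, if the condition outside the hunk is the usual `this.model.validateScope` check, means a model without that hook accepts whatever scope the client asks for. I would keep the plain return and add `// No model.validateScope(): the requested scope is accepted as-is; implement the hook to restrict scopes.` above it. The function body starts outside the hunk, so the branch condition should be confirmed before the comment is worded.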
@@ -72,7 +72,7 @@ describe('AuthorizationCodeGrantType', function() {
 };
 const handler = new AuthorizationCodeGrantType({ accessTokenLifetime: 120, model: model });
- sinon.stub(handler, 'validateScope').returns('foobiz');
+ sinon.stub(handler, 'validateScope').returns(Promise.resolve('foobiz'));
 sinon.stub(handler, 'generateAccessToken').returns(Promise.resolve('foo'));
 sinon.stub(handler, 'generateRefreshToken').returns(Promise.resolve('bar'));
 sinon.stub(handler, 'getAccessTokenExpiresAt').returns(Promise.resolve('biz'));
@@ -86,6 +86,37 @@ describe('AuthorizationCodeGrantType', function() {
 model.saveToken.firstCall.args[1].should.equal(client);
 model.saveToken.firstCall.args[2].should.equal(user);
 model.saveToken.firstCall.thisValue.should.equal(model);
+ handler.validateScope.callCount.should.equal(1);
+ })
+ .catch(should.fail);
+ });
+ });
+
+ describe('saveToken() - no scope', function() {
+ it('should call `model.saveToken()`', function() {
+ const client = {};
+ const user = {};
+ const model = {
+ getAuthorizationCode: function() {},
+ revokeAuthorizationCode: function() {},
+ saveToken: sinon.stub().returns(true),
+ validateScope: function(u, c, s){ return null; }
+ };
+ const handler = new AuthorizationCodeGrantType({ accessTokenLifetime: 120, model: model });
+
+ sinon.stub(handler, 'generateAccessToken').returns(Promise.resolve('foo'));
+ sinon.stub(handler, 'generateRefreshToken').returns(Promise.resolve('bar'));
+ sinon.stub(handler, 'getAccessTokenExpiresAt').returns(Promise.resolve('biz'));
+ sinon.stub(handler, 'getRefreshTokenExpiresAt').returns(Promise.resolve('baz'));
+
+ return handler.saveToken(user, client, 'foobar', null)
+ .then(function() {
+ model.saveToken.callCount.should.equal(1);
+ model.saveToken.firstCall.args.should.have.length(3);
+ model.saveToken.firstCall.args[0].should.eql({ accessToken: 'foo', authorizationCode: 'foobar', accessTokenExpiresAt: 'biz', refreshToken: 'bar', refreshTokenExpiresAt: 'baz', scope: null });
+ model.saveToken.firstCall.args[1].should.equal(client);
+ model.saveToken.firstCall.args[2].should.equal(user);
+ model.saveToken.firstCall.thisValue.should.equal(model);
 })
 .catch(should.fail);
 });
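Review bot: The new `saveToken() - no scope` test never checks that the scope hook ran or what it was given, because `validateScope: function(u, c, s){ return null; }` is a plain function rather than a stub, so it would pass unchanged if scope validation were skipped. It also pins that a `null` result from `model.validateScope` still ends in `model.saveToken()` being called with `scope: null`, and a falsy result from a scope validator commonly signals rejection, so the test should show that this path is only reached when no scope was requested. I would declare the hook as `validateScope: sinon.stub().returns(null)` and, if the handler is meant to call it here, assert `model.validateScope.firstCall.args[2]` is `null`. A companion case where a non-empty requested scope is rejected by the model and `model.saveToken` is not called would guard against tokens being saved with an unvalidated scope. How `validateScope` treats a falsy result is decided in code outside this hunk, so the expected outcome of that case needs confirming there.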