From 8e3bcdff145a2219033bd782fc517229fe3e05ea Mon Sep 17 00:00:00 2001
From: Jared Hanson <jaredhanson@gmail.com>
Date: Fri, 24 Sep 2021 14:26:10 -0700
Subject: [PATCH] Add test case and avoid parsing internal OAuth error when it
 doesn't exist.

---
 lib/strategy.js     |  3 ++-
 test/oauth2.test.js | 39 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 41 insertions(+), 1 deletion(-)

diff --git a/lib/strategy.js b/lib/strategy.js
index 60ad54a..b05aacc 100644
--- a/lib/strategy.js
+++ b/lib/strategy.js
@@ -174,7 +174,8 @@ OAuth2Strategy.prototype.authenticate = function(req, options) {
 
       self._oauth2.getOAuthAccessToken(code, params,
         function(err, accessToken, refreshToken, params) {
-          if (err || !accessToken) { return self.error(self._createOAuthError('Failed to obtain access token', err)); }
+          if (err) { return self.error(self._createOAuthError('Failed to obtain access token', err)); }
+          if (!accessToken) { return self.error(new Error('Failed to obtain access token')); }
 
           self._loadUserProfile(accessToken, function(err, profile) {
             if (err) { return self.error(err); }
diff --git a/test/oauth2.test.js b/test/oauth2.test.js
index e829751..36552b6 100644
--- a/test/oauth2.test.js
+++ b/test/oauth2.test.js
@@ -1256,6 +1256,45 @@ describe('OAuth2Strategy', function() {
       });
     }); // that errors due to token request error, in node-oauth object literal form with text body
     
+    describe('that errors due to not receiving an access token', function() {
+      var strategy = new OAuth2Strategy({
+        authorizationURL: 'https://www.example.com/oauth2/authorize',
+        tokenURL: 'https://www.example.com/oauth2/token',
+        clientID: 'ABC123',
+        clientSecret: 'secret',
+        callbackURL: 'https://www.example.net/auth/example/callback',
+      },
+      function(accessToken, refreshToken, params, profile, done) {
+        return done(new Error('something went wrong'));
+      });
+  
+      strategy._oauth2.getOAuthAccessToken = function(code, options, callback) {
+        return callback(null, undefined, undefined, undefined);
+      }
+  
+  
+      var err;
+  
+      before(function(done) {
+        chai.passport.use(strategy)
+          .error(function(e) {
+            err = e;
+            done();
+          })
+          .req(function(req) {
+            req.query = {};
+            req.query.code = 'SplxlOBeZQQYbYS6WxSbIA';
+          })
+          .authenticate();
+      });
+
+      it('should error', function() {
+        expect(err).to.be.an.instanceof(Error);
+        expect(err).to.not.be.an.instanceof(InternalOAuthError)
+        expect(err.message).to.equal('Failed to obtain access token');
+      });
+    }); // that errors due to not receiving an access token
+    
     describe('that errors due to verify callback supplying error', function() {
       var strategy = new OAuth2Strategy({
         authorizationURL: 'https://www.example.com/oauth2/authorize',