Skip to content

Commit

Permalink
Add "Accept: application/json" header by default for get_token
Browse files Browse the repository at this point in the history
See OAuth spec Section 4.1.4). Previously, accept header would be set to
match the content type of the request, which is
application/x-www-form-urlencoded.
  • Loading branch information
giddie committed Mar 14, 2022
1 parent 1e34cfc commit 0e05de4
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 13 deletions.
7 changes: 5 additions & 2 deletions lib/oauth2/client.ex
Original file line number Diff line number Diff line change
Expand Up @@ -478,8 +478,11 @@ defmodule OAuth2.Client do
|> to_url(:token_url)
end

defp token_post_header(%Client{token_method: :post} = client),
do: put_header(client, "content-type", "application/x-www-form-urlencoded")
defp token_post_header(%Client{token_method: :post} = client) do
client
|> put_header("content-type", "application/x-www-form-urlencoded")
|> put_header("accept", "application/json")
end

defp token_post_header(%Client{} = client), do: client

Expand Down
22 changes: 11 additions & 11 deletions test/oauth2/client_test.exs
Original file line number Diff line number Diff line change
Expand Up @@ -39,23 +39,23 @@ defmodule OAuth2.ClientTest do
test "get_token, get_token!", %{client: client, server: server} do
bypass(server, "POST", "/oauth/token", fn conn ->
assert conn.query_string == ""
assert get_req_header(conn, "accept") == ["application/json"]

send_resp(conn, 200, ~s({"access_token":"test1234"}))
end)

assert {:ok, client} =
Client.get_token(client, [code: "code1234"], [{"accept", "application/json"}])

assert {:ok, client} = Client.get_token(client, code: "code1234")
assert client.token.access_token == "test1234"

assert %Client{} =
Client.get_token!(client, [code: "code1234"], [{"accept", "application/json"}])
assert %Client{} = Client.get_token!(client, code: "code1234")
end

test "get_token, get_token! when `:token_method` is `:get`", %{client: client, server: server} do
client = %{client | token_method: :get}

bypass(server, "GET", "/oauth/token", fn conn ->
refute conn.query_string == ""
assert get_req_header(conn, "accept") == ["application/json"]
assert conn.query_params["code"] == "code1234"
assert conn.query_params["redirect_uri"]
send_resp(conn, 200, ~s({"access_token":"test1234","token_type":"bearer"}))
Expand All @@ -69,19 +69,19 @@ defmodule OAuth2.ClientTest do

test "get_token, get_token! when response error", %{client: client, server: server} do
code = [code: "code1234"]
headers = [{"accept", "application/json"}]

bypass(server, "POST", "/oauth/token", fn conn ->
assert conn.query_string == ""
assert get_req_header(conn, "accept") == ["application/json"]
send_resp(conn, 500, ~s({"error":"missing_client_id"}))
end)

assert {:error, error} = Client.get_token(client, code, headers)
assert {:error, error} = Client.get_token(client, code)
assert %Response{body: body, status_code: 500} = error
assert body == %{"error" => "missing_client_id"}

assert_raise OAuth2.Error, ~r/Body/, fn ->
Client.get_token!(client, code, headers)
Client.get_token!(client, code)
end
end

Expand Down Expand Up @@ -112,11 +112,11 @@ defmodule OAuth2.ClientTest do

token = client.token
client = %{client | token: %{token | refresh_token: "abcdefg"}}
assert {:ok, client_a} = Client.refresh_token(client, [], [{"accept", "application/json"}])
assert {:ok, client_a} = Client.refresh_token(client, [])
assert client_a.token.access_token == "new-access-token"
assert client_a.token.refresh_token == "new-refresh-token"

assert client_b = Client.refresh_token!(client, [], [{"accept", "application/json"}])
assert client_b = Client.refresh_token!(client, [])
assert client_b.token.access_token == "new-access-token"
assert client_b.token.refresh_token == "new-refresh-token"
end
Expand All @@ -138,7 +138,7 @@ defmodule OAuth2.ClientTest do

token = client.token
client = %{client | token: %{token | refresh_token: "old-refresh-token"}}
assert {:ok, client} = Client.refresh_token(client, [], [{"accept", "application/json"}])
assert {:ok, client} = Client.refresh_token(client, [])
assert client.token.access_token == "new-access-token"
assert client.token.refresh_token == "old-refresh-token"
end
Expand Down

0 comments on commit 0e05de4

Please sign in to comment.