fix: handle error response with 200 status code from OAuth endpoint (#27

)
octokit · Nov 3, 2019 · 01b32fd · 01b32fd
1 parent 81a29be
commit 01b32fd
Show file tree

Hide file tree

Showing 4 changed files with 54 additions and 4 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -26,6 +26,7 @@
   "dependencies": {
     "@octokit/request": "^5.3.0",
     "@octokit/types": "^2.0.0",
+    "@octokit/request-error": "^1.1.0",
     "@types/lru-cache": "^5.1.0",
     "lru-cache": "^5.1.1",
     "universal-github-app-jwt": "^1.0.1",

diff --git a/src/get-oauth-authentication.ts b/src/get-oauth-authentication.ts
@@ -4,6 +4,7 @@ import {
   StrategyOptionsWithDefaults,
   OAuthAccesTokenAuthentication
 } from "./types";
+import { RequestError } from '@octokit/request-error';
 
 export async function getOAuthAuthentication(
   state: StrategyOptionsWithDefaults,
@@ -34,9 +35,18 @@ export async function getOAuthAuthentication(
     redirect_uri: options.redirectUrl
   };
 
+  const response = await request(route, parameters);
+
+  if (response.data.error !== undefined) {
+    throw new RequestError(`${response.data.error_description} (${response.data.error})`, response.status, {
+      headers: response.headers,
+      request: request.endpoint(route, parameters)
+    });
+  }
+
   const {
     data: { access_token: token, scope }
-  } = await request(route, parameters);
+  } = response;
 
   return {
     type: "token",

diff --git a/test/index.test.ts b/test/index.test.ts
@@ -1049,3 +1049,41 @@ test("auth.hook() creates token and uses it for succeeding requests", async () =
 
   expect(mock.done()).toBe(true);
 });
+
+
+test("oauth endpoint error", async () => {
+  const requestMock = request.defaults({
+    headers: {
+      "user-agent": "test"
+    },
+    request: {
+      fetch: fetchMock.sandbox().post(
+        "https://github.com/login/oauth/access_token", {
+          status: 200,
+          body: JSON.stringify({
+            error: "incorrect_client_credentials",
+            error_description: "The client_id and/or client_secret passed are incorrect.",
+          }),
+          headers: {
+            "Content-Type": "application/json; charset=utf-8"
+          }
+        }),
+    },
+  });
+
+  const auth = createAppAuth({
+    id: APP_ID,
+    privateKey: PRIVATE_KEY,
+    clientId: "12345678901234567890",
+    clientSecret: "1234567890123456789012345678901234567890",
+    request: requestMock,
+  });
+
+  await expect(
+    auth({
+      type: 'oauth',
+      code: '12345678901234567890',
+      redirectUrl: 'https://example.com/login',
+    })
+  ).rejects.toThrow('client_id');
+});