Add tests for retrieve errors

andig · andig · commit 927199fdf507 · 2025-10-10T10:41:32.000+02:00
diff --git a/deviceauth.go b/deviceauth.go
@@ -134,7 +134,18 @@ func retrieveDeviceAuth(ctx context.Context, c *Config, v url.Values) (*DeviceAu
 			retrieveError.ErrorDescription = vals.Get("error_description")
 			retrieveError.ErrorURI = vals.Get("error_uri")
 		default:
-			json.Unmarshal(body, &retrieveError) // no error checks
+			var tj struct {
+				// https://datatracker.ietf.org/doc/html/rfc6749#section-5.2
+				ErrorCode        string `json:"error"`
+				ErrorDescription string `json:"error_description"`
+				ErrorURI         string `json:"error_uri"`
+			}
+			if json.Unmarshal(body, &tj) != nil {
+				return nil, retrieveError
+			}
+			retrieveError.ErrorCode = tj.ErrorCode
+			retrieveError.ErrorDescription = tj.ErrorDescription
+			retrieveError.ErrorURI = tj.ErrorURI
 		}
 
 		return nil, retrieveError
diff --git a/deviceauth_test.go b/deviceauth_test.go
@@ -4,6 +4,8 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"net/http"
+	"net/http/httptest"
 	"strings"
 	"testing"
 	"time"
@@ -101,3 +103,49 @@ func ExampleConfig_DeviceAuth() {
 	}
 	fmt.Println(token)
 }
+
+func TestDeviceAuthTokenRetrieveErrorJSON(t *testing.T) {
+	for _, responseFun := range []func(w http.ResponseWriter){
+		func(w http.ResponseWriter) {
+			w.Header().Set("Content-type", "application/x-www-form-urlencoded")
+			// "The authorization server responds with an HTTP 400 (Bad Request)" https://www.rfc-editor.org/rfc/rfc6749#section-5.2
+			w.WriteHeader(http.StatusBadRequest)
+			w.Write([]byte(`error=invalid_grant&error_description=sometext`))
+		},
+		func(w http.ResponseWriter) {
+			w.Header().Set("Content-type", "application/json")
+			// "The authorization server responds with an HTTP 400 (Bad Request)" https://www.rfc-editor.org/rfc/rfc6749#section-5.2
+			w.WriteHeader(http.StatusBadRequest)
+			w.Write([]byte(`{"error": "invalid_grant", "error_description": "sometext"}`))
+		},
+	} {
+		ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			if r.URL.String() != "/device" {
+				t.Errorf("Unexpected device auth request URL, %v is found.", r.URL)
+			}
+			responseFun(w)
+		}))
+		defer ts.Close()
+		conf := newConf(ts.URL)
+		_, err := conf.DeviceAuth(context.Background())
+		if err == nil {
+			t.Fatalf("got no error, expected one")
+		}
+		re, ok := err.(*RetrieveError)
+		if !ok {
+			t.Fatalf("got %T error, expected *RetrieveError; error was: %v", err, err)
+		}
+		expected := `oauth2: "invalid_grant" "sometext"`
+		if errStr := err.Error(); errStr != expected {
+			t.Fatalf("got %#v, expected %#v", errStr, expected)
+		}
+		expected = "invalid_grant"
+		if re.ErrorCode != expected {
+			t.Fatalf("got %#v, expected %#v", re.ErrorCode, expected)
+		}
+		expected = "sometext"
+		if re.ErrorDescription != expected {
+			t.Fatalf("got %#v, expected %#v", re.ErrorDescription, expected)
+		}
+	}
+}
diff --git a/oauth2_test.go b/oauth2_test.go
@@ -31,8 +31,9 @@ func newConf(url string) *Config {
 		RedirectURL:  "REDIRECT_URL",
 		Scopes:       []string{"scope1", "scope2"},
 		Endpoint: Endpoint{
-			AuthURL:  url + "/auth",
-			TokenURL: url + "/token",
+			AuthURL:       url + "/auth",
+			DeviceAuthURL: url + "/device",
+			TokenURL:      url + "/token",
 		},
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -31,8 +31,9 @@ func newConf(url string) *Config {`
`31`	`31`	`RedirectURL: "REDIRECT_URL",`
`32`	`32`	`Scopes: []string{"scope1", "scope2"},`
`33`	`33`	`Endpoint: Endpoint{`
`34`		`- AuthURL: url + "/auth",`
`35`		`- TokenURL: url + "/token",`
	`34`	`+ AuthURL: url + "/auth",`
	`35`	`+ DeviceAuthURL: url + "/device",`
	`36`	`+ TokenURL: url + "/token",`
`36`	`37`	`},`
`37`	`38`	`}`
`38`	`39`	`}`