Skip to content

Commit

Permalink
only send audience in webauth if OIDC is true
Browse files Browse the repository at this point in the history
  • Loading branch information
lbalmaceda authored and hzalaz committed Jan 2, 2017
1 parent 9902b03 commit 56cd2c4
Show file tree
Hide file tree
Showing 2 changed files with 32 additions and 5 deletions.
2 changes: 1 addition & 1 deletion lib/src/main/java/com/auth0/android/lock/WebProvider.java
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ public void start(Activity activity, String connection, AuthCallback callback, i
builder.withScope(scope);
}
final String audience = options.getAudience();
if (audience != null) {
if (audience != null && options.getAccount().isOIDCConformant()) {
builder.withAudience(audience);
}
final String scheme = options.getScheme();
Expand Down
35 changes: 31 additions & 4 deletions lib/src/test/java/com/auth0/android/lock/WebProviderTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,37 @@ public void shouldStart() throws Exception {
webProvider.start(activity, "my-connection", callback, 123);
}

@Test
public void shouldStartWithCustomAudience() throws Exception {
Auth0 account = new Auth0("clientId", "domain.auth0.com");
account.setOIDCConformant(true);
Options options = new Options();
options.setAccount(account);

options.setUseBrowser(true);
options.withAudience("https://me.auth0.com/myapi");

AuthCallback callback = mock(AuthCallback.class);
WebProvider webProvider = new WebProvider(options);
Activity activity = spy(Robolectric.buildActivity(Activity.class)
.create()
.start()
.resume()
.get());

webProvider.start(activity, "my-connection", callback, 123);
ArgumentCaptor<Intent> intentCaptor = ArgumentCaptor.forClass(Intent.class);
verify(activity).startActivity(intentCaptor.capture());

Intent intent = intentCaptor.getValue();
assertThat(intent, is(notNullValue()));
assertThat(intent.getData(), hasHost("domain.auth0.com"));
assertThat(intent.getData(), hasParamWithValue("client_id", "clientId"));
assertThat(intent.getData(), hasParamWithValue("connection", "my-connection"));
assertThat(intent.getData(), hasParamWithValue("audience", "https://me.auth0.com/myapi"));
assertThat(intent, hasAction(Intent.ACTION_VIEW));
}

@Test
public void shouldStartBrowserWithOptions() throws Exception {
Auth0 account = new Auth0("clientId", "domain.auth0.com");
Expand All @@ -68,7 +99,6 @@ public void shouldStartBrowserWithOptions() throws Exception {
options.withScope("email profile photos");
options.withConnectionScope("my-connection", "the connection scope");
options.setUseBrowser(true);
options.withAudience("https://me.auth0.com/myapi");
options.withScheme("auth0");

AuthCallback callback = mock(AuthCallback.class);
Expand All @@ -95,7 +125,6 @@ public void shouldStartBrowserWithOptions() throws Exception {
assertThat(intent.getData(), hasParamWithValue("custom-param-2", "value-2"));
assertThat(intent.getData(), hasParamWithValue("scope", "email profile photos"));
assertThat(intent.getData(), hasParamWithValue("connection_scope", "the connection scope"));
assertThat(intent.getData(), hasParamWithValue("audience", "https://me.auth0.com/myapi"));
assertThat(intent, hasAction(Intent.ACTION_VIEW));
}

Expand All @@ -112,7 +141,6 @@ public void shouldStartWebViewWithOptions() throws Exception {
options.withScope("email profile photos");
options.withConnectionScope("my-connection", "the connection scope");
options.setUseBrowser(false);
options.withAudience("https://me.auth0.com/myapi");
options.withScheme("auth0");

AuthCallback callback = mock(AuthCallback.class);
Expand All @@ -139,7 +167,6 @@ public void shouldStartWebViewWithOptions() throws Exception {
assertThat(intent.getData(), hasParamWithValue("custom-param-2", "value-2"));
assertThat(intent.getData(), hasParamWithValue("scope", "email profile photos"));
assertThat(intent.getData(), hasParamWithValue("connection_scope", "the connection scope"));
assertThat(intent.getData(), hasParamWithValue("audience", "https://me.auth0.com/myapi"));
assertThat(intent, hasComponent(WebAuthActivity.class.getName()));
}

Expand Down

0 comments on commit 56cd2c4

Please sign in to comment.