check tokens are received when specific scope is requested

lib/src/main/java/com/auth0/android/lock/AuthenticationCallback.java

@@ -27,7 +27,6 @@
 import android.content.Intent;
 import android.util.Log;
 
-import com.auth0.android.lock.utils.LockException;
 import com.auth0.android.result.Credentials;
 
 
@@ -78,14 +77,7 @@ private void parseAuthentication(Intent data) {
         String refreshToken = data.getStringExtra(Constants.REFRESH_TOKEN_EXTRA);
         Credentials credentials = new Credentials(idToken, accessToken, tokenType, refreshToken);
 
-        if (idToken != null && accessToken != null) {
-            Log.d(TAG, "User authenticated!");
-            onAuthentication(credentials);
-        } else {
-            Log.e(TAG, "Error parsing authentication data: id_token or access_token are missing.");
-            LockException up = new LockException(R.string.com_auth0_lock_social_error_authentication);
-            onError(up);
-            //throw up. haha
-        }
+        Log.d(TAG, "User authenticated!");
+        onAuthentication(credentials);
     }
 }

lib/src/main/java/com/auth0/android/lock/Constants.java

@@ -33,6 +33,7 @@ abstract class Constants {
     static final String SIGN_UP_ACTION = "com.auth0.android.lock.action.SignUp";
     static final String CANCELED_ACTION = "com.auth0.android.lock.action.Canceled";
 
+    static final String ERROR_EXTRA = "com.auth0.android.lock.extra.Error";
     static final String ID_TOKEN_EXTRA = "com.auth0.android.lock.extra.IdToken";
     static final String ACCESS_TOKEN_EXTRA = "com.auth0.android.lock.extra.AccessToken";
     static final String TOKEN_TYPE_EXTRA = "com.auth0.android.lock.extra.TokenType";

lib/src/main/java/com/auth0/android/lock/Lock.java

@@ -42,6 +42,7 @@
 import com.auth0.android.lock.enums.UsernameStyle;
 import com.auth0.android.lock.provider.AuthProviderResolver;
 import com.auth0.android.lock.provider.ProviderResolverManager;
+import com.auth0.android.lock.utils.LockException;
 import com.auth0.android.util.Telemetry;
 
 import java.util.ArrayList;
@@ -162,7 +163,11 @@ private void processEvent(Intent data) {
         switch (action) {
             case Constants.AUTHENTICATION_ACTION:
                 Log.v(TAG, "AUTHENTICATION action received in our BroadcastReceiver");
-                callback.onEvent(LockEvent.AUTHENTICATION, data);
+                if (data.getExtras().containsKey("error")) {
+                    callback.onError(new LockException(data.getStringExtra("error")));
+                } else {
+                    callback.onEvent(LockEvent.AUTHENTICATION, data);
+                }
                 break;
             case Constants.SIGN_UP_ACTION:
                 Log.v(TAG, "SIGN_UP action received in our BroadcastReceiver");

lib/src/main/java/com/auth0/android/lock/LockActivity.java

@@ -161,11 +161,24 @@ public void onBackPressed() {
     }
 
     private void deliverAuthenticationResult(Credentials credentials) {
+        String requestedScopes = "openid";  //default authentication scope
+        if (options.getAuthenticationParameters().containsKey("scope")) {
+            requestedScopes = (String) options.getAuthenticationParameters().get("scope");
+        }
+
         Intent intent = new Intent(Constants.AUTHENTICATION_ACTION);
-        intent.putExtra(Constants.ID_TOKEN_EXTRA, credentials.getIdToken());
-        intent.putExtra(Constants.ACCESS_TOKEN_EXTRA, credentials.getAccessToken());
-        intent.putExtra(Constants.REFRESH_TOKEN_EXTRA, credentials.getRefreshToken());
-        intent.putExtra(Constants.TOKEN_TYPE_EXTRA, credentials.getType());
+        if (credentials.getAccessToken() == null) {
+            intent.putExtra(Constants.ERROR_EXTRA, "The access_token is missing from the response.");
+        } else if (requestedScopes.contains("openid") && credentials.getIdToken() == null) {
+            intent.putExtra(Constants.ERROR_EXTRA, "The id_token is missing from the response.");
+        } else if (requestedScopes.contains("offline_access") && credentials.getRefreshToken() == null) {
+            intent.putExtra(Constants.ERROR_EXTRA, "The refresh_token is missing from the response.");
+        } else {
+            intent.putExtra(Constants.ID_TOKEN_EXTRA, credentials.getIdToken());
+            intent.putExtra(Constants.ACCESS_TOKEN_EXTRA, credentials.getAccessToken());
+            intent.putExtra(Constants.REFRESH_TOKEN_EXTRA, credentials.getRefreshToken());
+            intent.putExtra(Constants.TOKEN_TYPE_EXTRA, credentials.getType());
+        }
 
         LocalBroadcastManager.getInstance(this).sendBroadcast(intent);
         finish();

lib/src/main/java/com/auth0/android/lock/PasswordlessLock.java

@@ -40,6 +40,7 @@
 import com.auth0.android.lock.enums.SocialButtonStyle;
 import com.auth0.android.lock.provider.AuthProviderResolver;
 import com.auth0.android.lock.provider.ProviderResolverManager;
+import com.auth0.android.lock.utils.LockException;
 import com.auth0.android.util.Telemetry;
 
 import java.util.HashMap;
@@ -155,7 +156,11 @@ private void processEvent(Intent data) {
         switch (action) {
             case Constants.AUTHENTICATION_ACTION:
                 Log.v(TAG, "AUTHENTICATION action received in our BroadcastReceiver");
-                callback.onEvent(LockEvent.AUTHENTICATION, data);
+                if (data.getExtras().containsKey("error")) {
+                    callback.onError(new LockException(data.getStringExtra("error")));
+                } else {
+                    callback.onEvent(LockEvent.AUTHENTICATION, data);
+                }
                 break;
             case Constants.CANCELED_ACTION:
                 Log.v(TAG, "CANCELED action received in our BroadcastReceiver");

lib/src/main/java/com/auth0/android/lock/PasswordlessLockActivity.java

@@ -179,11 +179,24 @@ public void onBackPressed() {
     }
 
     private void deliverAuthenticationResult(Credentials credentials) {
+        String requestedScopes = "openid";  //default authentication scope
+        if (options.getAuthenticationParameters().containsKey("scope")) {
+            requestedScopes = (String) options.getAuthenticationParameters().get("scope");
+        }
+
         Intent intent = new Intent(Constants.AUTHENTICATION_ACTION);
-        intent.putExtra(Constants.ID_TOKEN_EXTRA, credentials.getIdToken());
-        intent.putExtra(Constants.ACCESS_TOKEN_EXTRA, credentials.getAccessToken());
-        intent.putExtra(Constants.REFRESH_TOKEN_EXTRA, credentials.getRefreshToken());
-        intent.putExtra(Constants.TOKEN_TYPE_EXTRA, credentials.getType());
+        if (credentials.getAccessToken() == null) {
+            intent.putExtra(Constants.ERROR_EXTRA, "The access_token is missing from the response.");
+        } else if (requestedScopes.contains("openid") && credentials.getIdToken() == null) {
+            intent.putExtra(Constants.ERROR_EXTRA, "The id_token is missing from the response.");
+        } else if (requestedScopes.contains("offline_access") && credentials.getRefreshToken() == null) {
+            intent.putExtra(Constants.ERROR_EXTRA, "The refresh_token is missing from the response.");
+        } else {
+            intent.putExtra(Constants.ID_TOKEN_EXTRA, credentials.getIdToken());
+            intent.putExtra(Constants.ACCESS_TOKEN_EXTRA, credentials.getAccessToken());
+            intent.putExtra(Constants.REFRESH_TOKEN_EXTRA, credentials.getRefreshToken());
+            intent.putExtra(Constants.TOKEN_TYPE_EXTRA, credentials.getType());
+        }
 
         LocalBroadcastManager.getInstance(this).sendBroadcast(intent);
         finish();

lib/src/main/java/com/auth0/android/lock/utils/LockException.java

@@ -24,25 +24,12 @@
 
 package com.auth0.android.lock.utils;
 
-import android.content.Context;
-import android.support.annotation.StringRes;
+import android.support.annotation.NonNull;
 
 
 public class LockException extends Exception {
-    private int message;
 
-    public LockException(@StringRes int message) {
-        super();
-        this.message = message;
-    }
-
-    /**
-     * Gets the error message or description for this LockException
-     *
-     * @param context a valid context
-     * @return the localized error message
-     */
-    public String getErrorMessage(Context context) {
-        return context.getResources().getString(message);
+    public LockException(@NonNull String message) {
+        super(message);
     }
 }

lib/src/main/res/values/strings.xml

@@ -23,9 +23,6 @@
   -->
 
 <resources xmlns:tools="http://schemas.android.com/tools" tools:keep="@string/com_auth0_lock_social_*">
-    <!-- Social Authentication -->
-    <string name="com_auth0_lock_social_error_authentication">Error parsing Authentication data</string>
-
     <!-- Social Buttons -->
     <string name="com_auth0_lock_social_log_in">LOG IN WITH %s</string>
     <string name="com_auth0_lock_social_sign_up">SIGN UP WITH %s</string>

lib/src/test/java/com/auth0/android/lock/AuthenticationCallbackTest.java

@@ -41,6 +41,7 @@
 import static com.auth0.android.lock.utils.AuthenticationCallbackMatcher.hasNoError;
 import static com.auth0.android.lock.utils.AuthenticationCallbackMatcher.isCanceled;
 import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.CoreMatchers.not;
 import static org.junit.Assert.assertThat;
 
@@ -57,16 +58,16 @@ public void setUp() throws Exception {
 
     @Test
     public void shouldCallOnAuthentication() {
-        Intent data = getValidAuthenticationData();
+        Intent data = getAuthenticationData();
         callback.onEvent(LockEvent.AUTHENTICATION, data);
 
         assertThat(callback, hasAuthentication());
         assertThat(callback, hasNoError());
     }
 
     @Test
-    public void shouldReturnValidAuthentication() {
-        Intent data = getValidAuthenticationData();
+    public void shouldReturnAuthentication() {
+        Intent data = getAuthenticationData();
         callback.onEvent(LockEvent.AUTHENTICATION, data);
         Credentials credentials = credentialsFromData(data);
 
@@ -77,15 +78,6 @@ public void shouldReturnValidAuthentication() {
         assertThat(callback, hasNoError());
     }
 
-    @Test
-    public void shouldCallOnErrorIfDataIsInvalid() {
-        Intent data = getInvalidAuthenticationData();
-        callback.onEvent(LockEvent.AUTHENTICATION, data);
-
-        assertThat(callback, hasError());
-        assertThat(callback, not(hasAuthentication()));
-    }
-
     @Test
     public void shouldCallOnCanceled() {
         Intent data = new Intent();
@@ -115,7 +107,7 @@ public void shouldNotAuthenticateOrCancelWhenResetPassword() {
         assertThat(callback, hasNoError());
     }
 
-    public Intent getValidAuthenticationData() {
+    public Intent getAuthenticationData() {
         Intent i = new Intent(Constants.AUTHENTICATION_ACTION);
         i.putExtra(Constants.ID_TOKEN_EXTRA, "");
         i.putExtra(Constants.ACCESS_TOKEN_EXTRA, "");
@@ -124,13 +116,6 @@ public Intent getValidAuthenticationData() {
         return i;
     }
 
-    public Intent getInvalidAuthenticationData() {
-        Intent i = new Intent(Constants.AUTHENTICATION_ACTION);
-        i.putExtra(Constants.TOKEN_TYPE_EXTRA, "");
-        i.putExtra(Constants.REFRESH_TOKEN_EXTRA, "");
-        return i;
-    }
-
     public Credentials credentialsFromData(Intent data) {
         String idToken = data.getStringExtra(Constants.ID_TOKEN_EXTRA);
         String accessToken = data.getStringExtra(Constants.ACCESS_TOKEN_EXTRA);

lib/src/test/java/com/auth0/android/lock/utils/MockLockCallback.java

@@ -82,4 +82,8 @@ public void onError(LockException error) {
     public Credentials getCredentials() {
         return this.credentials;
     }
+
+    public LockException getError() {
+        return error;
+    }
 }