Merge pull request #273 from auth0/fixes

Return policy attr in errors + responseType validation

src/helper/response-handler.js

@@ -37,6 +37,10 @@ function wrapCallback(cb) {
         errObj.name = err.name;
       }
 
+      if (err.policy) {
+        errObj.policy = err.policy;
+      }
+
       return cb(errObj);
     }
 

src/web-auth/index.js

@@ -259,6 +259,10 @@ WebAuth.prototype.login = function (options) {
     'audience'
   ]).with(options);
 
+  assert.check(params, { type: 'object', message: 'options parameter is not valid' }, {
+    responseType: { type: 'string', message: 'responseType option is required' }
+  });
+
   params = this.transactionManager.process(params);
 
   windowHelper.redirect(this.client.buildAuthorizeUrl(params));

src/web-auth/redirect.js

@@ -2,6 +2,7 @@ var UsernamePassword = require('./username-password');
 var TransactionManager = require('./transaction-manager');
 var objectHelper = require('../helper/object');
 var Warn = require('../helper/warn');
+var assert = require('../helper/assert');
 
 function Redirect(client, options) {
   this.baseOptions = options;
@@ -36,6 +37,10 @@ Redirect.prototype.login = function (options, cb) {
 
   this.warn.warning('`webauth.redirect.login` will be soon deprecated, use `webauth.login` instead.');
 
+  assert.check(params, { type: 'object', message: 'options parameter is not valid' }, {
+    responseType: { type: 'string', message: 'responseType option is required' }
+  });
+
   params = this.transactionManager.process(params);
 
   usernamePassword = new UsernamePassword(this.baseOptions);

test/helper/response-handler.test.js

@@ -23,6 +23,7 @@ describe('helpers responseHandler', function () {
     assert_err.response.statusText = 'Bad request';
     assert_err.response.body = {
       error: 'the_error_code',
+      policy: 'the policy',
       error_description: 'The error description.',
       name: 'SomeName'
     };
@@ -34,6 +35,7 @@ describe('helpers responseHandler', function () {
         statusCode: 400,
         statusText: 'Bad request',
         code: 'the_error_code',
+        policy: 'the policy',
         description: 'The error description.',
         name: 'SomeName'
       });

test/web-auth/redirect.test.js

@@ -553,13 +553,21 @@ describe('auth0.WebAuth.redirect', function () {
         domain: 'me.auth0.com',
         clientID: '...',
         redirectUri: 'http://page.com/callback',
-        responseType: 'code',
         _sendTelemetry: false
       });
     });
 
+    it('should check that responseType is present', function() {
+      var _this = this;
+      expect(function() {
+        _this.auth0.login({ connection: 'facebook' })
+      }).to.throwException(function (e) {
+        expect(e.message).to.be('responseType option is required');
+      });
+    })
+
     it('should redirect to authorize', function () {
-      this.auth0.login({connection: 'facebook', state: '1234'})
+      this.auth0.login({responseType: 'code', connection: 'facebook', state: '1234'})
       expect(global.window.location).to.be('https://me.auth0.com/authorize?connection=facebook&client_id=...&response_type=code&redirect_uri=http%3A%2F%2Fpage.com%2Fcallback&state=1234');
     });
 

test/web-auth/web-auth.test.js

@@ -254,6 +254,28 @@ describe('auth0.WebAuth', function () {
     });
   });
 
+  context('login', function () {
+    it('should check that responseType is present', function () {
+      global.window = { location: '' };
+      var webAuth = new WebAuth({
+        domain: 'me.auth0.com',
+        redirectUri: 'http://page.com/callback',
+        clientID: '...',
+        scope: 'openid name read:blog',
+        audience: 'urn:site:demo:blog',
+        _sendTelemetry: false
+      });
+
+      expect(function() {
+        webAuth.login({ connection: 'facebook' })
+      }).to.throwException(function (e) {
+        expect(e.message).to.be('responseType option is required');
+      });
+
+      delete global.window;
+    });
+  });
+
   context('renewAuth', function () {
     beforeEach(function(){
       global.window = {};