only add code challenge properties to code when codeChallenge and codeChallengeMethod ar set

martinssonj · martinssonj · commit c597a2406045 · 2022-10-31T10:54:18.000+01:00
diff --git a/lib/handlers/authorize-handler.js b/lib/handlers/authorize-handler.js
@@ -296,14 +296,19 @@ AuthorizeHandler.prototype.getRedirectUri = function(request, client) {
  */
 
 AuthorizeHandler.prototype.saveAuthorizationCode = function(authorizationCode, expiresAt, scope, client, redirectUri, user, codeChallenge, codeChallengeMethod) {
-  const code = {
+  let code = {
     authorizationCode: authorizationCode,
     expiresAt: expiresAt,
     redirectUri: redirectUri,
-    scope: scope,
-    codeChallenge: codeChallenge,
-    codeChallengeMethod: codeChallengeMethod
+    scope: scope
   };
+
+  if(codeChallenge && codeChallengeMethod){
+    code = Object.assign({
+      codeChallenge: codeChallenge,
+      codeChallengeMethod: codeChallengeMethod
+    }, code);
+  }
   return promisify(this.model.saveAuthorizationCode, 3).call(this.model, code, client, user);
 };
 
diff --git a/test/unit/handlers/authorize-handler_test.js b/test/unit/handlers/authorize-handler_test.js
@@ -87,6 +87,26 @@ describe('AuthorizeHandler', function() {
       };
       const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model });
 
+      return handler.saveAuthorizationCode('foo', 'bar', 'qux', 'biz', 'baz', 'boz')
+        .then(function() {
+          model.saveAuthorizationCode.callCount.should.equal(1);
+          model.saveAuthorizationCode.firstCall.args.should.have.length(3);
+          model.saveAuthorizationCode.firstCall.args[0].should.eql({ authorizationCode: 'foo', expiresAt: 'bar', redirectUri: 'baz', scope: 'qux' });
+          model.saveAuthorizationCode.firstCall.args[1].should.equal('biz');
+          model.saveAuthorizationCode.firstCall.args[2].should.equal('boz');
+          model.saveAuthorizationCode.firstCall.thisValue.should.equal(model);
+        })
+        .catch(should.fail);
+    });
+
+    it('should call `model.saveAuthorizationCode()` with code challenge', function() {
+      const model = {
+        getAccessToken: function() {},
+        getClient: function() {},
+        saveAuthorizationCode: sinon.stub().returns({})
+      };
+      const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model });
+
       return handler.saveAuthorizationCode('foo', 'bar', 'qux', 'biz', 'baz', 'boz', 'codeChallenge', 'codeChallengeMethod')
         .then(function() {
           model.saveAuthorizationCode.callCount.should.equal(1);
