tests: use 'handle_error_response' for error management in unit tests

follow-up to #39

Author: azmeuk

docs/django/2/authorization-server.rst

@@ -152,10 +152,13 @@ The ``AuthorizationServer`` has provided built-in methods to handle these endpoi
 
     def authorize(request):
         if request.method == 'GET':
-            grant = server.get_consent_grant(request, end_user=request.user)
-            client = grant.client
-            scope = client.get_allowed_scope(grant.request.scope)
-            context = dict(grant=grant, client=client, scope=scope, user=request.user)
+            try:
+                grant = server.get_consent_grant(request, end_user=request.user)
+            except OAuth2Error as error:
+                return server.handle_error_response(request, error)
+
+            scope = grant.client.get_allowed_scope(grant.request.scope)
+            context = dict(grant=grant, client=grant.client, scope=scope, user=request.user)
             return render(request, 'authorize.html', context)
 
         if is_user_confirmed(request):

tests/flask/test_oauth2/oauth2_server.py

@@ -8,7 +8,6 @@
 from authlib.common.encoding import to_bytes
 from authlib.common.encoding import to_unicode
 from authlib.common.security import generate_token
-from authlib.common.urls import url_encode
 from authlib.integrations.flask_oauth2 import AuthorizationServer
 from authlib.integrations.sqla_oauth2 import create_query_client_func
 from authlib.integrations.sqla_oauth2 import create_save_token_func
@@ -39,23 +38,20 @@ def create_authorization_server(app, lazy=False):
 
     @app.route("/oauth/authorize", methods=["GET", "POST"])
     def authorize():
+        user_id = request.values.get("user_id")
+        if user_id:
+            end_user = db.session.get(User, int(user_id))
+        else:
+            end_user = None
+
         if request.method == "GET":
-            user_id = request.args.get("user_id")
-            if user_id:
-                end_user = db.session.get(User, int(user_id))
-            else:
-                end_user = None
             try:
                 grant = server.get_consent_grant(end_user=end_user)
                 return grant.prompt or "ok"
             except OAuth2Error as error:
-                return url_encode(error.get_body())
-        user_id = request.form.get("user_id")
-        if user_id:
-            grant_user = db.session.get(User, int(user_id))
-        else:
-            grant_user = None
-        return server.create_authorization_response(grant_user=grant_user)
+                return server.handle_error_response(request, error)
+
+        return server.create_authorization_response(grant_user=end_user)
 
     @app.route("/oauth/token", methods=["GET", "POST"])
     def issue_token():

tests/flask/test_oauth2/test_authorization_code_grant.py

@@ -94,7 +94,7 @@ def test_invalid_authorize(self):
     def test_unauthorized_client(self):
         self.prepare_data(True, "token")
         rv = self.client.get(self.authorize_url)
-        self.assertIn(b"unauthorized_client", rv.data)
+        self.assertIn("unauthorized_client", rv.location)
 
     def test_invalid_client(self):
         self.prepare_data()
@@ -254,8 +254,11 @@ def test_invalid_multiple_request_parameters(self):
             + "&scope=profile&state=bar&redirect_uri=https%3A%2F%2Fa.b&response_type=code"
         )
         rv = self.client.get(url)
-        self.assertIn(b"invalid_request", rv.data)
-        self.assertIn(b"Multiple+%27response_type%27+in+request.", rv.data)
+        resp = json.loads(rv.data)
+        self.assertEqual(resp["error"], "invalid_request")
+        self.assertEqual(
+            resp["error_description"], "Multiple 'response_type' in request."
+        )
 
     def test_client_secret_post(self):
         self.app.config.update({"OAUTH2_REFRESH_TOKEN_GENERATOR": True})

tests/flask/test_oauth2/test_code_challenge.py

@@ -61,7 +61,7 @@ def prepare_data(self, token_endpoint_auth_method="none"):
     def test_missing_code_challenge(self):
         self.prepare_data()
         rv = self.client.get(self.authorize_url + "&code_challenge_method=plain")
-        self.assertIn(b"Missing", rv.data)
+        self.assertIn("Missing", rv.location)
 
     def test_has_code_challenge(self):
         self.prepare_data()
@@ -76,13 +76,13 @@ def test_invalid_code_challenge(self):
         rv = self.client.get(
             self.authorize_url + "&code_challenge=abc&code_challenge_method=plain"
         )
-        self.assertIn(b"Invalid", rv.data)
+        self.assertIn("Invalid", rv.location)
 
     def test_invalid_code_challenge_method(self):
         self.prepare_data()
         suffix = "&code_challenge=Zhs2POMonIVVHZteWfoU7cSXQSm0YjghikFGJSDI2_s&code_challenge_method=invalid"
         rv = self.client.get(self.authorize_url + suffix)
-        self.assertIn(b"Unsupported", rv.data)
+        self.assertIn("Unsupported", rv.location)
 
     def test_supported_code_challenge_method(self):
         self.prepare_data()

tests/flask/test_oauth2/test_implicit_grant.py

@@ -56,7 +56,7 @@ def test_confidential_client(self):
     def test_unsupported_client(self):
         self.prepare_data(response_type="code")
         rv = self.client.get(self.authorize_url)
-        self.assertIn(b"unauthorized_client", rv.data)
+        self.assertIn("unauthorized_client", rv.location)
 
     def test_invalid_authorize(self):
         self.prepare_data()

tests/flask/test_oauth2/test_openid_implict_grant.py

@@ -73,8 +73,8 @@ def test_consent_view(self):
                 },
             )
         )
-        self.assertIn(b"error=invalid_request", rv.data)
-        self.assertIn(b"nonce", rv.data)
+        self.assertIn("error=invalid_request", rv.location)
+        self.assertIn("nonce", rv.location)
 
     def test_require_nonce(self):
         self.prepare_data()