More descriptive error message when code exchange fails #86

glena · glena · commit 34b3d189778b · 2016-06-21T10:03:49.000-03:00
diff --git a/src/Auth0.php b/src/Auth0.php
@@ -230,25 +230,31 @@ private function exchangeCode() {
         // Generate the url to the API that will give us the access token and id token
         $auth_url = $this->generateUrl('token');
         // Make the call
-        $auth0_response = $this->oauth_client->getAccessToken($auth_url, "authorization_code", array(
+        $response = $this->oauth_client->getAccessToken($auth_url, "authorization_code", array(
             "code" => $code,
             "redirect_uri" => $this->redirect_uri
         ), array(
             'Auth0-Client' => ApiClient::getInfoHeadersData()->build()
         ));
 
-        // Parse it
-        $auth0_response = $auth0_response['result'];
+        $auth0_response = $response['result'];
+
+        if ($response['code'] !== 200) {
+            throw new ApiException($auth0_response['error'] . ': '. $auth0_response['error_description']);
+        }
+
         $this->debugInfo(json_encode($auth0_response));
         $access_token = (isset($auth0_response['access_token']))? $auth0_response['access_token'] : false;
         $id_token = (isset($auth0_response['id_token']))? $auth0_response['id_token'] : false;
 
         if (!$access_token) {
             throw new ApiException('Invalid access_token - Retry login.');
         }
-        if (!$id_token) {
-            throw new ApiException('Missing JWT after code exchange. Remember to ask for openid scope.');
+
+        if (!$id_token) { // id_token is not mandatory anymore. There is no need to force openid connect
+            $this->debugInfo('Missing id_token after code exchange. Remember to ask for openid scope.');
         }
+
         // Set the access token in the oauth client for future calls to the Auth0 API
         $this->oauth_client->setAccessToken($access_token);
         $this->oauth_client->setAccessTokenType(Client::ACCESS_TOKEN_BEARER);
diff --git a/tests/AuthApiTest.php b/tests/AuthApiTest.php
@@ -78,7 +78,9 @@ public function testLogoutLink() {
         $api = new Auth0AuthApi($env['DOMAIN'], $env['GLOBAL_CLIENT_ID'], $env['GLOBAL_CLIENT_SECRET']);
 
         $this->assertSame("https://" . $env['DOMAIN'] . "/logout?", $api->get_logout_link());
+        
         $this->assertSame("https://" . $env['DOMAIN'] . "/logout?returnTo=http%3A%2F%2Fexample.com", $api->get_logout_link("http://example.com"));
+
         $this->assertSame("https://" . $env['DOMAIN'] . "/logout?returnTo=http%3A%2F%2Fexample.com&client_id=" . $env['GLOBAL_CLIENT_ID'], $api->get_logout_link("http://example.com", $env['GLOBAL_CLIENT_ID']));
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -78,7 +78,9 @@ public function testLogoutLink() {`
`78`	`78`	`$api = new Auth0AuthApi($env['DOMAIN'], $env['GLOBAL_CLIENT_ID'], $env['GLOBAL_CLIENT_SECRET']);`
`79`	`79`
`80`	`80`	`$this->assertSame("https://" . $env['DOMAIN'] . "/logout?", $api->get_logout_link());`
	`81`	`+`
`81`	`82`	`$this->assertSame("https://" . $env['DOMAIN'] . "/logout?returnTo=http%3A%2F%2Fexample.com", $api->get_logout_link("http://example.com"));`
	`83`	`+`
`82`	`84`	`$this->assertSame("https://" . $env['DOMAIN'] . "/logout?returnTo=http%3A%2F%2Fexample.com&client_id=" . $env['GLOBAL_CLIENT_ID'], $api->get_logout_link("http://example.com", $env['GLOBAL_CLIENT_ID']));`
`83`	`85`	`}`
`84`	`86`	`}`