From 001d6352957cc7ea93b2739dfa79dfc6d60129e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89loi=20Rivard?=
Date: Fri, 13 Sep 2024 15:07:25 +0200
Subject: [PATCH] tests: missing client_id on OIDC authorization page
---
 canaille/oidc/endpoints/oauth.py | 4 +++-
 tests/oidc/test_authorization_code_flow.py | 17 +++++++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/canaille/oidc/endpoints/oauth.py b/canaille/oidc/endpoints/oauth.py
index 134fad88..8ca2e8e9 100644
--- a/canaille/oidc/endpoints/oauth.py
+++ b/canaille/oidc/endpoints/oauth.py
@@ -50,7 +50,9 @@ def authorize():
 request.form.to_dict(flat=False),
 )
- client = Backend.instance.get(models.Client, client_id=request.args["client_id"])
+ client = Backend.instance.get(
+ models.Client, client_id=request.args.get("client_id")
+ )
 user = current_user()
 if response := authorize_guards(client):
diff --git a/tests/oidc/test_authorization_code_flow.py b/tests/oidc/test_authorization_code_flow.py
index 0918a1ad..c4a28a49 100644
--- a/tests/oidc/test_authorization_code_flow.py
+++ b/tests/oidc/test_authorization_code_flow.py
@@ -763,3 +763,20 @@ def test_locked_account(
 )
 assert "access_token" not in res.json
+
+
+def test_missing_client_id(
+ testclient, logged_user, client, keypair, trusted_client, backend
+):
+ """Missing client_id should raise a 400 error."""
+
+ res = testclient.get(
+ "/oauth/authorize",
+ params=dict(
+ response_type="code",
+ scope="openid profile email groups address phone",
+ nonce="somenonce",
+ ),
+ status=400,
+ )
+ res.mustcontain("client_id parameter is missing.")
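Review bot: With `request.args.get("client_id")` a request without the parameter now reaches `Backend.instance.get(models.Client, client_id=None)` instead of stopping at the key lookup, so rejecting it depends on every backend returning no client for a `None` filter. That behaviour is not visible in this hunk; if a backend ignores `None` criteria, or a stored client has no `client_id`, `authorize_guards` would be handed a real client. I would skip the lookup when the value is absent or empty: `client_id = request.args.get("client_id")` followed by `client = Backend.instance.get(models.Client, client_id=client_id) if client_id else None`. The body of `authorize()` starts before and continues after the hunk.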
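Review bot: `test_missing_client_id` pins only the absent-parameter case for a logged-in user; a request with an empty `client_id=` goes through the same `.get()` call but hands `""` to the client lookup, and nothing here fixes what the endpoint answers then. Consider a second request in the same test with `client_id=""` added to `params` and `status=400`. The fixtures `client`, `keypair`, `trusted_client` and `backend` are not referenced in the body; if they are requested only for their setup, a comment such as `# fixtures requested for their setup side effects` would make that explicit.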