Qlockify/qlockify-backend-deployment
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(oauth): add callback error page for google oauth flow
Some checks failed
Backend CI/CD / test (push) Has been cancelled
Details
Backend CI/CD / deploy (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Amirhossein Khalili
2026-05-22 01:01:21 +03:30
parent 4d05d4d590
commit b79fd73403
3 changed files with 109 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
apps/users/tests/test_api_views.py
View File

@@ -7,7 +7,7 @@ from django.core.cache import cache
from django.core.management import call_command
from django.db import IntegrityError
from django.test import override_settings
from rest_framework import status
from rest_framework import serializers, status
from rest_framework.test import APIRequestFactory, APITestCase
from apps.users.api.views import RegisterWithPasswordView
@@ -673,6 +673,41 @@ class GoogleOAuthApiTests(APITestCase):
self.assertEqual(flow_response.data["resolution"], "new_account")
self.assertIsNone(flow_response.data["mobile_hint"])
def test_google_callback_redirects_cancellation_back_to_frontend(self):
response = self.client.get(
"/api/users/oauth/google/callback/?error=access_denied&error_description=User%20cancelled",
)
self.assertEqual(response.status_code, 302)
self.assertIn("/auth/google/callback?error=access_denied", response["Location"])
self.assertIn("error_description=User+cancelled", response["Location"])
@patch("apps.users.api.views.exchange_code_for_google_profile")
def test_google_callback_redirects_backend_errors_back_to_frontend(
self,
exchange_code_for_google_profile,
):
exchange_code_for_google_profile.side_effect = serializers.ValidationError(
{"detail": "Google token exchange failed."}
)
start_response = self.client.get("/api/users/oauth/google/start/")
state = start_response["Location"].split("state=", 1)[1].split("&", 1)[0]
response = self.client.get(
f"/api/users/oauth/google/callback/?state={state}&code=google-code",
)
self.assertEqual(response.status_code, 302)
self.assertIn(
"/auth/google/callback?error=google_callback_failed",
response["Location"],
)
self.assertIn(
"error_description=Google+token+exchange+failed.",
response["Location"],
)
@patch("apps.users.api.views.exchange_code_for_google_profile")
def test_google_callback_redirects_with_email_claim_flow_for_matching_email(
self,