fix: server error when redirect_uri_info is not passed in the sign_in…

…_up API
supertokens · Oct 24, 2023 · e6f4516 · e6f4516
1 parent 32d307b
commit e6f4516
Show file tree

Hide file tree

Showing 2 changed files with 75 additions and 12 deletions.
diff --git a/supertokens_python/recipe/thirdparty/api/signinup.py b/supertokens_python/recipe/thirdparty/api/signinup.py
@@ -42,16 +42,16 @@ async def handle_sign_in_up_api(
     if third_party_id is None or not isinstance(third_party_id, str):
         raise_bad_input_exception("Please provide the thirdPartyId in request body")
 
-    redirect_uri_info = body.get("redirectURIInfo")
-    oauth_tokens = body.get("oAuthTokens")
-
-    if redirect_uri_info is not None:
-        if redirect_uri_info.get("redirectURIOnProviderDashboard") is None:
+    oauth_tokens = None
+    redirect_uri_info = None
+    if body.get("redirectURIInfo") is not None:
+        if body.get("redirectURIInfo").get("redirectURIOnProviderDashboard") is None:
             raise_bad_input_exception(
                 "Please provide the redirectURIOnProviderDashboard in request body"
             )
-    elif oauth_tokens is not None:
-        pass  # Nothing to do here
+        redirect_uri_info = body.get("redirectURIInfo")
+    elif body.get("oAuthTokens") is not None:
+        oauth_tokens = body.get("oAuthTokens")
     else:
         raise_bad_input_exception(
             "Please provide one of redirectURIInfo or oAuthTokens in the request body"
@@ -71,15 +71,18 @@ async def handle_sign_in_up_api(
 
     provider = provider_response
 
-    result = await api_implementation.sign_in_up_post(
-        provider=provider,
-        redirect_uri_info=RedirectUriInfo(
+    if redirect_uri_info is not None:
+        redirect_uri_info = RedirectUriInfo(
             redirect_uri_on_provider_dashboard=redirect_uri_info.get(
                 "redirectURIOnProviderDashboard"
             ),
             redirect_uri_query_params=redirect_uri_info.get("redirectURIQueryParams"),
             pkce_code_verifier=redirect_uri_info.get("pkceCodeVerifier"),
-        ),
+        )
+
+    result = await api_implementation.sign_in_up_post(
+        provider=provider,
+        redirect_uri_info=redirect_uri_info,
         oauth_tokens=oauth_tokens,
         tenant_id=tenant_id,
         api_options=api_options,

diff --git a/tests/thirdparty/test_thirdparty.py b/tests/thirdparty/test_thirdparty.py
@@ -49,7 +49,7 @@ async def fastapi_client():
     app = FastAPI()
     app.add_middleware(get_middleware())
 
-    return TestClient(app, raise_server_exceptions=False)
+    return TestClient(app, raise_server_exceptions=True)
 
 
 async def test_thirdpary_parsing_works(fastapi_client: TestClient):
@@ -268,3 +268,63 @@ async def test_signinup_works_when_validate_access_token_does_not_throw(
     assert res.status_code == 200
     assert access_token_validated is True
     assert res.json()["status"] == "OK"
+
+
+async def test_signinup_android_without_redirect_uri(
+    fastapi_client: TestClient, mocker: MockerFixture
+):
+    time = str(datetime.datetime.now())
+    mocker.patch(
+        "supertokens_python.recipe.thirdparty.providers.custom.get_supertokens_user_info_result_from_raw_user_info",
+        return_value=UserInfo(
+            "" + time,
+            UserInfoEmail(f"johndoeprovidertest+{time}@supertokens.com", True),
+            RawUserInfoFromProvider({}, {}),
+        ),
+    )
+    st_init_args = {
+        **st_init_common_args,
+        "recipe_list": [
+            session.init(),
+            thirdpartyemailpassword.init(
+                providers=[
+                    ProviderInput(
+                        config=ProviderConfig(
+                            third_party_id="custom",
+                            clients=[
+                                ProviderClientConfig(
+                                    client_id="test",
+                                    client_secret="test-secret",
+                                    scope=["profile", "email"],
+                                    client_type="android",
+                                ),
+                            ],
+                            authorization_endpoint="https://example.com/oauth/authorize",
+                            authorization_endpoint_query_params={
+                                "response_type": "token",  # Changing an existing parameter
+                                "response_mode": "form",  # Adding a new parameter
+                                "scope": None,  # Removing a parameter
+                            },
+                            token_endpoint="https://example.com/oauth/token",
+                        ),
+                    )
+                ]
+            ),
+        ],
+    }
+    init(**st_init_args)  # type: ignore
+    start_st()
+
+    res = fastapi_client.post(
+        "/auth/signinup",
+        json={
+            "thirdPartyId": "custom",
+            "clientType": "android",
+            "oAuthTokens": {
+                "access_token": "accesstoken",
+                "id_token": "idtoken",
+            },
+        },
+    )
+    assert res.status_code == 200
+    assert res.json()["status"] == "OK"