Fixed #4437: Uknown key in access token json: id_token

Ary Borenszweig · Ary Borenszweig · commit 31099237c87a · 2017-05-20T11:10:33.000-03:00
diff --git a/spec/std/oauth2/access_token_spec.cr b/spec/std/oauth2/access_token_spec.cr
@@ -56,6 +56,17 @@ class OAuth2::AccessToken
         }))
       access_token.expires_in.should be_nil
     end
+
+    it "builds from json with unknown key (#4437)" do
+      token = AccessToken.from_json(%({
+        "access_token" : "foo",
+        "token_type" : "Bearer",
+        "refresh_token" : "bar",
+        "scope" : "baz",
+        "unknown": [1, 2, 3]
+        }))
+      token.extra.not_nil!["unknown"].should eq("[1,2,3]")
+    end
   end
 
   describe Mac do
diff --git a/src/oauth2/access_token/access_token.cr b/src/oauth2/access_token/access_token.cr
@@ -10,6 +10,7 @@ abstract class OAuth2::AccessToken
     scope = nil
     mac_algorithm = nil
     mac_key = nil
+    extra = nil
 
     pull.read_object do |key|
       case key
@@ -21,7 +22,8 @@ abstract class OAuth2::AccessToken
       when "mac_algorithm" then mac_algorithm = pull.read_string
       when "mac_key"       then mac_key = pull.read_string
       else
-        raise "Uknown key in access token json: #{key}"
+        extra ||= {} of String => String
+        extra[key] = pull.read_raw
       end
     end
 
@@ -30,9 +32,9 @@ abstract class OAuth2::AccessToken
     if token_type
       case token_type.downcase
       when "bearer"
-        Bearer.new(access_token, expires_in, refresh_token, scope)
+        Bearer.new(access_token, expires_in, refresh_token, scope, extra)
       when "mac"
-        Mac.new(access_token, expires_in, mac_algorithm.not_nil!, mac_key.not_nil!, refresh_token, scope)
+        Mac.new(access_token, expires_in, mac_algorithm.not_nil!, mac_key.not_nil!, refresh_token, scope, Time.now.epoch, extra)
       else
         raise "Uknown token_type in access token json: #{token_type}"
       end
@@ -46,7 +48,15 @@ abstract class OAuth2::AccessToken
   property refresh_token : String?
   property scope : String?
 
-  def initialize(@access_token : String, expires_in : Int?, @refresh_token : String? = nil, @scope : String? = nil)
+  # JSON key-value pairs that are outside of the OAuth2 spec are
+  # stored in this property in case they are needed. Their value
+  # is the raw JSON string found in the JSON value (with possible
+  # changes in the string format, but preserving JSON semantic).
+  # For example if the value was `[1, 2, 3]` then the value in this hash
+  # will be the string "[1,2,3]".
+  property extra : Hash(String, String)?
+
+  def initialize(@access_token : String, expires_in : Int?, @refresh_token : String? = nil, @scope : String? = nil, @extra = nil)
     @expires_in = expires_in.try &.to_i64
   end
 
diff --git a/src/oauth2/access_token/mac.cr b/src/oauth2/access_token/mac.cr
@@ -12,8 +12,8 @@ class OAuth2::AccessToken::Mac < OAuth2::AccessToken
   property mac_key : String
   property issued_at : Int64
 
-  def initialize(access_token, expires_in, @mac_algorithm, @mac_key, refresh_token = nil, scope = nil, @issued_at = Time.now.epoch)
-    super(access_token, expires_in, refresh_token, scope)
+  def initialize(access_token, expires_in, @mac_algorithm, @mac_key, refresh_token = nil, scope = nil, @issued_at = Time.now.epoch, extra = nil)
+    super(access_token, expires_in, refresh_token, scope, extra)
   end
 
   def token_type
