Improve checking of OIDC ID tokens, and handle OIDC forgotten password flow correctly

author: Dave Arter <davea@mysociety.org> 2019-07-24 11:17:36 +0100
committer: Dave Arter <davea@mysociety.org> 2019-08-16 14:25:12 +0100
commit: 2865db75291b7520e7dd2a4023d44ba75d961090 (patch)
tree: 653223d54205578b064c722bb5d61f48894f7fd5 /t/app/controller
parent: 7372ee6e7233968b41a862845f1f2087dc5c891c (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/t/app/controller/auth_social.t b/t/app/controller/auth_social.t
index 6c80c9857..3a0539452 100644
--- a/t/app/controller/auth_social.t
+++ b/t/app/controller/auth_social.t
@@ -32,6 +32,8 @@ my $contact2 = $mech->create_contact_ok(
 );
 
 my $resolver = Test::MockModule->new('Email::Valid');
+my $social = Test::MockModule->new('FixMyStreet::App::Controller::Auth::Social');
+$social->mock('generate_nonce', sub { 'MyAwesomeRandomValue' });
 
 for my $test (
     {
@@ -72,7 +74,7 @@ for my $test (
     mock_hosts => ['oidc.example.org'],
     host => 'oidc.example.org',
     error_callback => '/auth/OIDC?error=ERROR',
-    success_callback => '/auth/OIDC?code=response-code',
+    success_callback => '/auth/OIDC?code=response-code&state=login',
     redirect_pattern => qr{oidc\.example\.org/oauth2/v2\.0/authorize},
     user_extras => [
         [westminster_account_id => "1c304134-ef12-c128-9212-123908123901"],
author	Dave Arter <davea@mysociety.org>	2019-07-24 11:17:36 +0100
committer	Dave Arter <davea@mysociety.org>	2019-08-16 14:25:12 +0100
commit	2865db75291b7520e7dd2a4023d44ba75d961090 (patch)
tree	653223d54205578b064c722bb5d61f48894f7fd5 /t/app/controller
parent	7372ee6e7233968b41a862845f1f2087dc5c891c (diff)