Merge branch 'master' into 445_confirm_redirect

1 files changed, 16 insertions, 0 deletions

diff --git a/tests/oauth2/rfc6749/endpoints/test_error_responses.py b/tests/oauth2/rfc6749/endpoints/test_error_responses.py
index 00f7ba6..ef05c4d 100644
--- a/tests/oauth2/rfc6749/endpoints/test_error_responses.py
+++ b/tests/oauth2/rfc6749/endpoints/test_error_responses.py
@@ -44,6 +44,22 @@ class ErrorResponseTest(TestCase):
         self.assertRaises(errors.InvalidRedirectURIError,
                 self.mobile.create_authorization_response, uri.format('token'), scopes=['foo'])
 
+    def test_invalid_default_redirect_uri(self):
+        uri = 'https://example.com/authorize?response_type={0}&client_id=foo'
+        self.validator.get_default_redirect_uri.return_value = "wrong"
+
+        # Authorization code grant
+        self.assertRaises(errors.InvalidRedirectURIError,
+                self.web.validate_authorization_request, uri.format('code'))
+        self.assertRaises(errors.InvalidRedirectURIError,
+                self.web.create_authorization_response, uri.format('code'), scopes=['foo'])
+
+        # Implicit grant
+        self.assertRaises(errors.InvalidRedirectURIError,
+                self.mobile.validate_authorization_request, uri.format('token'))
+        self.assertRaises(errors.InvalidRedirectURIError,
+                self.mobile.create_authorization_response, uri.format('token'), scopes=['foo'])
+
     def test_missing_redirect_uri(self):
         uri = 'https://example.com/authorize?response_type={0}&client_id=foo'