Fix checkSession success response casing (#943)

auth0 · May 24, 2019 · 1bdbf67 · 1bdbf67
1 parent 30c643c
commit 1bdbf67
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 1 deletion.
diff --git a/src/web-auth/index.js b/src/web-auth/index.js
@@ -481,7 +481,10 @@ WebAuth.prototype.checkSession = function(options, cb) {
   assert.check(cb, { type: 'function', message: 'cb parameter is not valid' });
 
   params = objectHelper.blacklist(params, ['usePostMessage', 'tenant', 'postMessageDataType']);
-  this.webMessageHandler.run(params, responseHandler(cb, { forceLegacyError: true }));
+  this.webMessageHandler.run(
+    params,
+    responseHandler(cb, { forceLegacyError: true, ignoreCasing: true })
+  );
 };
 
 /**

diff --git a/test/web-auth/web-auth.test.js b/test/web-auth/web-auth.test.js
@@ -2577,6 +2577,28 @@ describe('auth0.WebAuth', function() {
         done();
       });
     });
+    it('callback handles success response without changing idTokenPayload casing', function(done) {
+      var response = {
+        access_token: 'foobar',
+        idTokenPayload: {
+          email_verified: false
+        }
+      };
+      stub(WebAuth.prototype, 'validateAuthenticationResponse', function(options, parsedHash, cb) {
+        cb(null, {
+          accessToken: response.access_token,
+          idTokenPayload: response.idTokenPayload
+        });
+      });
+      stub(IframeHandler.prototype, 'init', function() {
+        this.callback({ event: { data: { response: response } } });
+      });
+      this.auth0.checkSession({}, function(err, data) {
+        expect(err).to.be(null);
+        expect(data).to.be.eql({ accessToken: 'foobar', idTokenPayload: response.idTokenPayload });
+        done();
+      });
+    });
   });
 
   context('validateToken', function() {