Merge pull request #118 from oauthjs/bugfix/object-property-access

Validate object property access

package.json

@@ -22,12 +22,12 @@
   },
   "homepage": "https://github.com/seegno/angular-oauth2",
   "dependencies": {
-    "angular": "^1.4.0",
-    "angular-cookies": "^1.4.0",
+    "angular": "1.5.9",
+    "angular-cookies": "1.5.9",
     "query-string": "^1.0.0"
   },
   "devDependencies": {
-    "angular-mocks": "^1.3.9",
+    "angular-mocks": "1.5.9",
     "github-changes": "^1.0.0",
     "gulp": "^3.8.10",
     "gulp-babel": "^5.3.0",

src/interceptors/oauth-interceptor.js

@@ -16,6 +16,10 @@ function oauthInterceptor($q, $rootScope, OAuthToken) {
       return config;
     },
     responseError: function(rejection) {
+      if (!rejection) {
+        return $q.reject(rejection);
+      }
+
       // Catch `invalid_request` and `invalid_grant` errors and ensure that the `token` is removed.
       if (400 === rejection.status && rejection.data &&
         ('invalid_request' === rejection.data.error || 'invalid_grant' === rejection.data.error)
@@ -29,7 +33,7 @@ function oauthInterceptor($q, $rootScope, OAuthToken) {
       // The token isn't removed here so it can be refreshed when the `invalid_token` error occurs.
       if (401 === rejection.status &&
         (rejection.data && 'invalid_token' === rejection.data.error) ||
-        (rejection.headers('www-authenticate') && 0 === rejection.headers('www-authenticate').indexOf('Bearer'))
+        (rejection.headers && rejection.headers('www-authenticate') && 0 === rejection.headers('www-authenticate').indexOf('Bearer'))
       ) {
         $rootScope.$emit('oauth:error', rejection);
       }

src/providers/oauth-token-provider.js

@@ -63,35 +63,44 @@ function OAuthTokenProvider() {
        */
 
       getAccessToken() {
-        return this.getToken() ? this.getToken().access_token : undefined;
+        const { access_token } = this.getToken() || {};
+
+        return access_token;
       }
 
       /**
        * Get authorizationHeader.
        */
 
       getAuthorizationHeader() {
-        if (!(this.getTokenType() && this.getAccessToken())) {
+        const tokenType = this.getTokenType();
+        const accessToken = this.getAccessToken();
+
+        if (!tokenType || !accessToken) {
           return;
         }
 
-        return `${this.getTokenType().charAt(0).toUpperCase() + this.getTokenType().substr(1)} ${this.getAccessToken()}`;
+        return `${tokenType.charAt(0).toUpperCase() + tokenType.substr(1)} ${accessToken}`;
       }
 
       /**
        * Get refreshToken.
        */
 
       getRefreshToken() {
-        return this.getToken() ? this.getToken().refresh_token : undefined;
+        const { refresh_token } = this.getToken() || {};
+
+        return refresh_token;
       }
 
       /**
        * Get tokenType.
        */
 
       getTokenType() {
-        return this.getToken() ? this.getToken().token_type : undefined;
+        const { token_type } = this.getToken() || {};
+
+        return token_type;
       }
 
       /**