Add another test for Code Flow.

openid_provider/tests/test_code_flow.py

@@ -3,6 +3,7 @@ from django.test import RequestFactory
 from django.test import TestCase
 from openid_provider.tests.utils import *
 from openid_provider.views import *
+import urllib
 
 
 class CodeFlowTestCase(TestCase):
@@ -26,4 +27,29 @@ class CodeFlowTestCase(TestCase):
         response = AuthorizeView.as_view()(request)
 
         self.assertEqual(response.status_code, 200)
-        self.assertEqual(bool(response.content), True)
+        self.assertEqual(bool(response.content), True)
+
+    def test_authorize_invalid_response_type(self):
+        """
+        The OP informs the RP by using the Error Response parameters defined
+        in Section 4.1.2.1 of OAuth 2.0.
+
+        See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError
+        """
+        # Create an authorize request with an unsupported response_type.
+        url = reverse('openid_provider:authorize')
+        url += '?client_id={0}&response_type=code%20id_token&scope=openid%20email' \
+               '&redirect_uri={1}&state=abcdefg'.format(
+                    self.client.client_id,
+                    urllib.quote(self.client.default_redirect_uri),
+                )
+        request = self.factory.get(url)
+
+        response = AuthorizeView.as_view()(request)
+
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response.has_header('Location'), True)
+
+        # Check query component in the redirection URI.
+        correct_query = 'error=' in response['Location']
+        self.assertEqual(correct_query, True)