BeforeEach(func() { request.URL.Path = "/auth/b" request.URL.RawQuery = url.Values{ "redirect": {"/some-path"}, }.Encode() fakeProviderB.AuthCodeURLReturns(redirectTarget.URL()) }) It("redirects to the auth code URL", func() { Expect(response.StatusCode).To(Equal(http.StatusOK)) Expect(ioutil.ReadAll(response.Body)).To(Equal([]byte("sup"))) }) It("generates the auth code with a base64-encoded redirect URI as the state", func() { Expect(fakeProviderB.AuthCodeURLCallCount()).To(Equal(1)) state, _ := fakeProviderB.AuthCodeURLArgsForCall(0) decoded, err := base64.RawURLEncoding.DecodeString(state) Expect(err).ToNot(HaveOccurred()) var oauthState auth.OAuthState err = json.Unmarshal(decoded, &oauthState) Expect(err).ToNot(HaveOccurred()) Expect(oauthState.Redirect).To(Equal("/some-path")) }) It("sets the base64-encoded redirect URI as the OAuth state cookie", func() { Expect(fakeProviderB.AuthCodeURLCallCount()).To(Equal(1))