From 6599086ca943944a9bee67e22abe16912512d02c Mon Sep 17 00:00:00 2001
From: Tomas Pazderka <tomas.pazderka@nic.cz>
Date: Thu, 24 Aug 2017 10:01:10 +0200
Subject: [PATCH] Correctly create error response when wrong response_mode
 requested

Close #413
---
 CHANGELOG.md                  |  2 ++
 src/oic/oauth2/provider.py    |  2 +-
 tests/test_oauth2_provider.py | 14 ++++++++++++++
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4888f170b..2ba8688d7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,8 +10,10 @@ The format is based on the [KeepAChangeLog] project.
 ### Fixed
 - [#405]: Fix generation of endpoint urls
 - [#411]: Empty lists not indexable
+- [#413]: Fix error when wrong response_mode requested
 
 [#405]: https://github.com/OpenIDC/pyoidc/issues/405
+[#413]: https://github.com/OpenIDC/pyoidc/issues/413
 
 ## 0.11.0.0 [2017-07-07]
 
diff --git a/src/oic/oauth2/provider.py b/src/oic/oauth2/provider.py
index 0094c07be..806d3da71 100644
--- a/src/oic/oauth2/provider.py
+++ b/src/oic/oauth2/provider.py
@@ -744,7 +744,7 @@ def _complete_authz(self, user, areq, sid, **kwargs):
                                           redirect_uri=redirect_uri,
                                           headers=headers)
             except InvalidRequest as err:
-                return error("invalid_request", err)
+                return error("invalid_request", str(err))
             else:
                 if resp is not None:
                     return resp
diff --git a/tests/test_oauth2_provider.py b/tests/test_oauth2_provider.py
index 05891c69d..55624029e 100644
--- a/tests/test_oauth2_provider.py
+++ b/tests/test_oauth2_provider.py
@@ -123,6 +123,20 @@ def test_authorization_endpoint_faulty_redirect_uri(self):
         msg = json.loads(resp.message)
         assert msg["error"] == "invalid_request"
 
+    def test_authorization_endpoint_wronge_response_mode(self):
+        bib = {"scope": ["openid"],
+               "state": "id-6da9ca0cc23959f5f33e8becd9b08cae",
+               "redirect_uri": "http://example.com",
+               "response_type": ["code"],
+               "response_mode": "fragment",
+               "client_id": "a1b2c3"}
+
+        arq = AuthorizationRequest(**bib)
+        resp = self.provider.authorization_endpoint(request=arq.to_urlencoded())
+        assert resp.status == "400 Bad Request"
+        msg = json.loads(resp.message)
+        assert msg["error"] == "invalid_request"
+
     def test_authorization_endpoint_faulty_redirect_uri_nwalker(self):
         bib = {"scope": ["openid"],
                "state": "id-6da9ca0cc23959f5f33e8becd9b08cae",