Updated based on PR feedback

OfficeDev · Apr 17, 2024 · d7a5048 · d7a5048
1 parent c3004d9
commit d7a5048
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 7 deletions.
diff --git a/change/@microsoft-teams-js-40968a44-8220-4162-a289-038e99f5bee3.json b/change/@microsoft-teams-js-40968a44-8220-4162-a289-038e99f5bee3.json
@@ -1,6 +1,6 @@
 {
   "type": "patch",
-  "comment": "Updated `authention.authenticate` so that it only accepts https URLs.",
+  "comment": "Updated `authentication.authenticate` so that it only accepts https URLs.",
   "packageName": "@microsoft/teams-js",
   "email": "trharris@microsoft.com",
   "dependentChangeType": "patch"

diff --git a/packages/teams-js/src/public/authentication.ts b/packages/teams-js/src/public/authentication.ts
@@ -197,7 +197,7 @@ export namespace authentication {
 
   function throwIfStringNotValidHttpsUrl(link: string): void {
     if (!isValidHttpsURL(new URL(link))) {
-      throw new Error(`${ErrorCode.INVALID_ARGUMENTS}: url must be https`);
+      throw new Error(`${ErrorCode.INVALID_ARGUMENTS}: ${link} must be valid https URL`);
     }
   }
 

diff --git a/packages/teams-js/test/public/authentication.spec.ts b/packages/teams-js/test/public/authentication.spec.ts
@@ -370,7 +370,9 @@ describe('Testing authentication capability', () => {
             };
 
             const promise = authentication.authenticate(authenticationParams);
-            await expect(promise).rejects.toThrowError(`${ErrorCode.INVALID_ARGUMENTS}: url must be https`);
+            await expect(promise).rejects.toThrowError(
+              `${ErrorCode.INVALID_ARGUMENTS}: ${authenticationParams.url} must be valid https URL`,
+            );
           });
 
           it(`authentication.authenticate it should successfully handle auth success in a non-web client in legacy flow from ${context} context`, (done) => {
@@ -432,7 +434,9 @@ describe('Testing authentication capability', () => {
             };
 
             const promise = authentication.authenticate(authenticationParams);
-            await expect(promise).rejects.toThrowError(`${ErrorCode.INVALID_ARGUMENTS}: url must be https`);
+            await expect(promise).rejects.toThrowError(
+              `${ErrorCode.INVALID_ARGUMENTS}: ${authenticationParams.url} must be valid https URL`,
+            );
           });
           it(`authentication.authenticate should open a client window in web client in legacy flow from ${context} context`, async () => {
             expect.assertions(5);
@@ -941,16 +945,18 @@ describe('Testing authentication capability', () => {
             await expect(promise).resolves.toEqual(mockResult);
           });
 
-          it(`authentication.authenticate should throw an error if non-https URL passed in`, async () => {
+          it(`authentication.authenticate should throw an error on non-web platforms if non-https URL passed in`, async () => {
             await utils.initializeWithContext(context, HostClientType.desktop);
             const authenticationParams: authentication.AuthenticatePopUpParameters = {
-              url: 'http://someurl',
+              url: 'http://someurl/',
               width: 100,
               height: 200,
               isExternal: true,
             };
             const promise = authentication.authenticate(authenticationParams);
-            await expect(promise).rejects.toThrowError(`${ErrorCode.INVALID_ARGUMENTS}: url must be https`);
+            await expect(promise).rejects.toThrowError(
+              `${ErrorCode.INVALID_ARGUMENTS}: ${authenticationParams.url} must be valid https URL`,
+            );
           });
 
           it(`authentication.authenticate should handle auth failure with parameters in a non-web client from ${context} context`, async () => {