From e67b451399b6ec9fc0cd96e21cd0027b55b67136 Mon Sep 17 00:00:00 2001
From: Eduardo Gurgel <eduardo@gurgel.me>
Date: Sat, 23 Jun 2018 12:07:03 +1200
Subject: [PATCH] Fix EventHandler.is_authrozied/2 for unauthorized requests

---
 lib/poxa/event_handler.ex               | 13 ++++++-------
 test/event_handler_test.exs             |  2 +-
 test/integration/trigger_event_test.exs | 13 ++++++++++++-
 3 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/lib/poxa/event_handler.ex b/lib/poxa/event_handler.ex
index 68dc964..26701d6 100644
--- a/lib/poxa/event_handler.ex
+++ b/lib/poxa/event_handler.ex
@@ -47,13 +47,12 @@ defmodule Poxa.EventHandler do
     {qs_vals, req} = :cowboy_req.qs_vals(req)
     {method, req} = :cowboy_req.method(req)
     {path, req} = :cowboy_req.path(req)
-    authorized = Authentication.check(method, path, body, qs_vals)
-    req = if authorized do
-            req
-          else
-            :cowboy_req.set_resp_body(@authentication_error_json, req)
-          end
-    {authorized, req, state}
+    if Authentication.check(method, path, body, qs_vals) do
+      {true, req, state}
+    else
+      req = :cowboy_req.set_resp_body(@authentication_error_json, req)
+      {{false, "Authentication error"}, req, state}
+    end
   end
 
 
diff --git a/test/event_handler_test.exs b/test/event_handler_test.exs
index e37c905..ab768b8 100644
--- a/test/event_handler_test.exs
+++ b/test/event_handler_test.exs
@@ -53,7 +53,7 @@ defmodule Poxa.EventHandlerTest do
     expect(:cowboy_req, :path, 1, {:path, :req3})
     expect(:cowboy_req, :set_resp_body, 2, :req4)
 
-    assert is_authorized(:req, %{body: :body}) == {false, :req4, %{body: :body}}
+    assert is_authorized(:req, %{body: :body}) == {{false, "Authentication error"}, :req4, %{body: :body}}
 
     assert validate Authentication
     assert validate :cowboy_req
diff --git a/test/integration/trigger_event_test.exs b/test/integration/trigger_event_test.exs
index e97cccc..b0696b0 100644
--- a/test/integration/trigger_event_test.exs
+++ b/test/integration/trigger_event_test.exs
@@ -5,10 +5,13 @@ defmodule Poxa.Integration.TriggerEvent do
 
   setup_all do
     Application.ensure_all_started(:pusher)
-    Pusher.configure!("localhost", 8080, "app_id", "app_key", "secret")
     :ok
   end
 
+  setup do
+    Pusher.configure!("localhost", 8080, "app_id", "app_key", "secret")
+  end
+
   test "trigger event returns 200" do
     [channel, socket_id] = ["channel", "123.456"]
 
@@ -26,4 +29,12 @@ defmodule Poxa.Integration.TriggerEvent do
 
     assert Pusher.trigger("test_event", %{}, channel, socket_id) == :error
   end
+
+
+  test "trigger event returns 401 on invalid authentication" do
+    [channel, socket_id] = ["channel", "123.456"]
+
+    Pusher.configure!("localhost", 8080, "app_id", "app_key", "wrong_secret")
+    assert Pusher.trigger("test_event", %{}, channel, socket_id) == :error
+  end
 end