Fix auth token revocation (#157)

2018-08-15 20:50:16 +01:00 · 2018-08-15 20:50:16 +01:00 · e521abd799
parent 9b49da35b6
commit e521abd799
3 changed files with 14 additions and 14 deletions
--- a/lib/googleauth/user_refresh.rb
+++ b/lib/googleauth/user_refresh.rb
@ -94,7 +94,7 @@ module Google
        c = options[:connection] || Faraday.default_connection

        retry_with_error do
-          resp = c.get(REVOKE_TOKEN_URI, token: refresh_token || access_token)
+          resp = c.post(REVOKE_TOKEN_URI, token: refresh_token || access_token)
          case resp.status
          when 200
            self.access_token = nil
--- a/spec/googleauth/user_authorizer_spec.rb
+++ b/spec/googleauth/user_authorizer_spec.rb
@ -299,17 +299,17 @@ describe Google::Auth::UserAuthorizer do

    before(:example) do
      token_store.store('user1', token_json)
-      stub_request(
-        :get, 'https://oauth2.googleapis.com/revoke?token=refreshtoken'
-      )
+      stub_request(:post, 'https://oauth2.googleapis.com/revoke')
+        .with(body: hash_including('token' => 'refreshtoken'))
        .to_return(status: 200)
    end

    it 'should revoke the grant' do
      authorizer.revoke_authorization('user1')
      expect(a_request(
-               :get, 'https://oauth2.googleapis.com/revoke?token=refreshtoken'
-      ))
+               :post, 'https://oauth2.googleapis.com/revoke'
+             ).with(body: hash_including('token' => 'refreshtoken'))
+      )
        .to have_been_made
    end

--- a/spec/googleauth/user_refresh_spec.rb
+++ b/spec/googleauth/user_refresh_spec.rb
@ -246,8 +246,8 @@ describe Google::Auth::UserRefreshCredentials do

  describe 'when revoking a refresh token' do
    let(:stub) do
-      stub_request(:get, 'https://oauth2.googleapis.com/revoke' \
-                         '?token=refreshtoken')
+      stub_request(:post, 'https://oauth2.googleapis.com/revoke')
+        .with(body: hash_including('token' => 'refreshtoken'))
        .to_return(status: 200,
                   headers: { 'Content-Type' => 'application/json' })
    end
@ -262,8 +262,8 @@ describe Google::Auth::UserRefreshCredentials do

  describe 'when revoking an access token' do
    let(:stub) do
-      stub_request(:get, 'https://oauth2.googleapis.com/revoke' \
-                         '?token=accesstoken')
+      stub_request(:post, 'https://oauth2.googleapis.com/revoke')
+        .with(body: hash_including('token' => 'accesstoken'))
        .to_return(status: 200,
                   headers: { 'Content-Type' => 'application/json' })
    end
@ -280,8 +280,8 @@ describe Google::Auth::UserRefreshCredentials do

  describe 'when revoking an invalid token' do
    let(:stub) do
-      stub_request(:get, 'https://oauth2.googleapis.com/revoke' \
-                         '?token=refreshtoken')
+      stub_request(:post, 'https://oauth2.googleapis.com/revoke')
+        .with(body: hash_including('token' => 'refreshtoken'))
        .to_return(status: 400,
                   headers: { 'Content-Type' => 'application/json' })
    end
@ -296,14 +296,14 @@ describe Google::Auth::UserRefreshCredentials do

  describe 'when errors occurred with request' do
    it 'should fail with Signet::AuthorizationError if request times out' do
-      allow_any_instance_of(Faraday::Connection).to receive(:get)
+      allow_any_instance_of(Faraday::Connection).to receive(:post)
        .and_raise(Faraday::TimeoutError)
      expect { @client.revoke! }
        .to raise_error Signet::AuthorizationError
    end

    it 'should fail with Signet::AuthorizationError if request fails' do
-      allow_any_instance_of(Faraday::Connection).to receive(:get)
+      allow_any_instance_of(Faraday::Connection).to receive(:post)
        .and_raise(Faraday::ConnectionFailed, nil)
      expect { @client.revoke! }
        .to raise_error Signet::AuthorizationError