Handle client_id/client_secret nil case. #85
Conversation
- `CGI.escape` throws errors on nil.
|
We have created an issue in Pivotal Tracker to manage this: https://www.pivotaltracker.com/story/show/181076709 The labels on this github issue will be updated when the story is started. |
|
ok thanks. Do you need a new release urgently ? |
sure you can also create a new PR with new options The change itself was in uaac a while ago, but it should have been here before . |
It is ok from coding to have this, but for UAA there cannot be a nil in client_id or client_secret |
The commit (e351f4d) that introduced UAA url escape encoding compatibility means client_id and client_secret can no longer be nil or an error is thrown.
I am honestly not 100% sure if the nil case should be valid (we have a series of -- I think -- integration tests that are using nil here, so perhaps it is?). In any case, the nil case was previously supported. If the nil case is invalid, maybe this class should throw ArgumentError on instantiation instead?
I made this change targeted within the #request_token method because I'm not sure what the possible implications would be by defaulting it in the initialize, but that might arguably be a better place for it if it does not cause a behavior change.
One other minor note: when reading the code I found the option name
basic_autha little confusing, since both requests are using basic_auth. After reading about the reason for the switch, I wonder if something like "unescaped_basic_auth" (or something similar) might be a better name? If you agree, happy to also create a PR that provides both the old 'basic_auth' (for backwards compatibility) and new option.