Remove telemetry from authorize URL

auth0 · Mar 27, 2019 · 73e4907 · 73e4907
1 parent 278aa9f
commit 73e4907
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 8 deletions.
diff --git a/lib/omniauth/strategies/auth0.rb b/lib/omniauth/strategies/auth0.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'base64'
 require 'uri'
 require 'omniauth-oauth2'
@@ -75,16 +77,14 @@ def client
       # Define the parameters used for the /authorize endpoint
       def authorize_params
         params = super
-        params['auth0Client'] = telemetry_encoded
-        parse_query = Rack::Utils.parse_query(request.query_string)
-        params['connection'] = parse_query['connection']
-        params['prompt'] = parse_query['prompt']
+        parsed_query = Rack::Utils.parse_query(request.query_string)
+        params['connection'] = parsed_query['connection']
+        params['prompt'] = parsed_query['prompt']
         params
       end
 
       def build_access_token
-        telemetry_header = { 'Auth0-Client' => telemetry_encoded }
-        options.token_params.merge!(:headers => telemetry_header)
+        options.token_params[:headers] = { 'Auth0-Client' => telemetry_encoded }
         super
       end
 

diff --git a/spec/omniauth/strategies/auth0_spec.rb b/spec/omniauth/strategies/auth0_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'jwt'
 
@@ -79,7 +81,7 @@
       expect(redirect_url).to have_query('state')
       expect(redirect_url).to have_query('client_id')
       expect(redirect_url).to have_query('redirect_uri')
-      expect(redirect_url).to have_query('auth0Client')
+      expect(redirect_url).not_to have_query('auth0Client')
     end
 
     it 'redirects to hosted login page' do
@@ -92,7 +94,7 @@
       expect(redirect_url).to have_query('client_id')
       expect(redirect_url).to have_query('redirect_uri')
       expect(redirect_url).to have_query('connection', 'abcd')
-      expect(redirect_url).to have_query('auth0Client')
+      expect(redirect_url).not_to have_query('auth0Client')
     end
 
     describe 'callback' do