From 73e4907bbb31a77ff2e7a2c8b824fe43cd09986d Mon Sep 17 00:00:00 2001
From: Josh Cunningham <josh@joshcanhelp.com>
Date: Fri, 15 Mar 2019 12:59:20 -0700
Subject: [PATCH] Remove telemetry from authorize URL

---
 lib/omniauth/strategies/auth0.rb       | 12 ++++++------
 spec/omniauth/strategies/auth0_spec.rb |  6 ++++--
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/lib/omniauth/strategies/auth0.rb b/lib/omniauth/strategies/auth0.rb
index 817115f..d6eb14b 100644
--- a/lib/omniauth/strategies/auth0.rb
+++ b/lib/omniauth/strategies/auth0.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'base64'
 require 'uri'
 require 'omniauth-oauth2'
@@ -75,16 +77,14 @@ def client
       # Define the parameters used for the /authorize endpoint
       def authorize_params
         params = super
-        params['auth0Client'] = telemetry_encoded
-        parse_query = Rack::Utils.parse_query(request.query_string)
-        params['connection'] = parse_query['connection']
-        params['prompt'] = parse_query['prompt']
+        parsed_query = Rack::Utils.parse_query(request.query_string)
+        params['connection'] = parsed_query['connection']
+        params['prompt'] = parsed_query['prompt']
         params
       end
 
       def build_access_token
-        telemetry_header = { 'Auth0-Client' => telemetry_encoded }
-        options.token_params.merge!(:headers => telemetry_header)
+        options.token_params[:headers] = { 'Auth0-Client' => telemetry_encoded }
         super
       end
 
diff --git a/spec/omniauth/strategies/auth0_spec.rb b/spec/omniauth/strategies/auth0_spec.rb
index fb5b5d1..c79baf6 100644
--- a/spec/omniauth/strategies/auth0_spec.rb
+++ b/spec/omniauth/strategies/auth0_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'jwt'
 
@@ -79,7 +81,7 @@
       expect(redirect_url).to have_query('state')
       expect(redirect_url).to have_query('client_id')
       expect(redirect_url).to have_query('redirect_uri')
-      expect(redirect_url).to have_query('auth0Client')
+      expect(redirect_url).not_to have_query('auth0Client')
     end
 
     it 'redirects to hosted login page' do
@@ -92,7 +94,7 @@
       expect(redirect_url).to have_query('client_id')
       expect(redirect_url).to have_query('redirect_uri')
       expect(redirect_url).to have_query('connection', 'abcd')
-      expect(redirect_url).to have_query('auth0Client')
+      expect(redirect_url).not_to have_query('auth0Client')
     end
 
     describe 'callback' do