sharpetronics/stripe-ruby
1
0
Fork 0
mirror of https://github.com/stripe/stripe-ruby.git synced 2025-11-27 00:03:06 -05:00
Code Issues Projects Releases Wiki Activity

Improve error handling safety in the event of unrecognized OAuth error

Browse Source 
It was brought up in #562 that in case we receive an OAuth error that we
don't know about, `specific_oauth_error` will fall through with a `nil`,
then picked up by `specific_api_error` which will always try to handle
the error as if it were a `Hash` (even if we know it's not!) and thus
lead to typing problems at runtime.

This patch throws a generic `OAuthError` in cases where a code comes
back that we don't recognize. I'm still crazy about the fact that we
don't have a better way of recognizing an OAuth error in particular, but
it should do the trick.
This commit is contained in:
Brandur 2017-07-27 09:01:53 -07:00
parent 713d7f9fa8
commit 24a1704f05
2 changed files with 22 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lib/stripe/stripe_client.rb
View File

@ -249,8 +249,7 @@ module Stripe
if error_data.is_a?(String) if error_data.is_a?(String)
error = specific_oauth_error(resp, error_data) error = specific_oauth_error(resp, error_data)
end else
if error.nil?
error = specific_api_error(resp, error_data) error = specific_api_error(resp, error_data)
end end
@ -319,7 +318,9 @@ module Stripe
when 'unsupported_grant_type' then OAuth::UnsupportedGrantTypeError.new(*args) when 'unsupported_grant_type' then OAuth::UnsupportedGrantTypeError.new(*args)
when 'unsupported_response_type' then OAuth::UnsupportedResponseTypeError.new(*args) when 'unsupported_response_type' then OAuth::UnsupportedResponseTypeError.new(*args)
else else
nil # We'd prefer that all errors are typed, but we create a generic
# OAuthError in case we run into a code that we don't recognize.
OAuth::OAuthError.new(*args)
end end
end end

18
test/stripe/stripe_client_test.rb
View File

@ -386,6 +386,24 @@ module Stripe
assert_equal('invalid_client', e.code) assert_equal('invalid_client', e.code)
assert_equal('This application is not connected to stripe account acct_19tLK7DSlTMT26Mk, or that account does not exist.', e.message) assert_equal('This application is not connected to stripe account acct_19tLK7DSlTMT26Mk, or that account does not exist.', e.message)
end end
should "raise Stripe::OAuthError on indeterminate OAuth error" do
stub_request(:post, "#{Stripe.connect_base}/oauth/deauthorize").
to_return(body: JSON.generate({
error: "new_code_not_recognized",
error_description: "Something.",
}), status: 401)
client = StripeClient.new
opts = {api_base: Stripe.connect_base}
e = assert_raises Stripe::OAuth::OAuthError do
client.execute_request(:post, '/oauth/deauthorize', opts)
end
assert_equal(401, e.http_status)
assert_equal("new_code_not_recognized", e.code)
assert_equal("Something.", e.message)
end
end end
context "idempotency keys" do context "idempotency keys" do