sharpetronics/stripe-ruby
1
0
Fork 0
mirror of https://github.com/stripe/stripe-ruby.git synced 2025-10-22 00:03:38 -04:00
Code Issues Projects Releases Wiki Activity

Override API key with client_secret in OAuth.token (#890)

Browse Source
This commit is contained in:
Olivier Bellone 2020-01-06 15:30:32 -08:00 committed by GitHub
parent e23ae43850
commit cddd3db2b2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/stripe/oauth.rb
View File

@ -43,6 +43,7 @@ module Stripe
def self.token(params = {}, opts = {}) def self.token(params = {}, opts = {})
opts = Util.normalize_opts(opts) opts = Util.normalize_opts(opts)
opts[:api_key] = params[:client_secret] if params[:client_secret]
resp, opts = OAuthOperations.request( resp, opts = OAuthOperations.request(
:post, "/oauth/token", params, opts :post, "/oauth/token", params, opts
) )

16
test/stripe/oauth_test.rb
View File

@ -67,6 +67,22 @@ module Stripe
code: "this_is_an_authorization_code") code: "this_is_an_authorization_code")
assert_equal("sk_access_token", resp.access_token) assert_equal("sk_access_token", resp.access_token)
end end
should "override the API key when client_secret is passed" do
stub_request(:post, "#{Stripe.connect_base}/oauth/token")
.with(body: {
"client_secret" => "client_secret_override",
"grant_type" => "authorization_code",
"code" => "this_is_an_authorization_code",
})
.with(headers: { "Authorization": "Bearer client_secret_override" })
.to_return(body: JSON.generate(access_token: "another_access_token"))
resp = OAuth.token(client_secret: "client_secret_override",
grant_type: "authorization_code",
code: "this_is_an_authorization_code")
assert_equal("another_access_token", resp.access_token)
end
end end
context ".deauthorize" do context ".deauthorize" do