Merge 1d00c62 into 5121fde

omniauth · Oct 28, 2014 · bcf238f · bcf238f
2 parents 5121fde + 1d00c62
commit bcf238f
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/lib/omniauth/strategy.rb b/lib/omniauth/strategy.rb
@@ -257,7 +257,7 @@ def options_request?
     # in the event that OmniAuth has been configured to be
     # in test mode.
     def mock_call!(*)
-      return mock_request_call if on_request_path?
+      return mock_request_call if on_request_path? && OmniAuth.config.allowed_request_methods.include?(request.request_method.downcase.to_sym)
       return mock_callback_call if on_callback_path?
       call_app!
     end

diff --git a/spec/omniauth/strategy_spec.rb b/spec/omniauth/strategy_spec.rb
@@ -560,6 +560,11 @@ def make_env(path = '/auth/test', props = {})
         expect(response[1]['Location']).to eq('/auth/test/callback')
       end
 
+      it "doesn't short circuit the request if request method is not allowed" do
+        response = strategy.call(make_env('/auth/test', 'REQUEST_METHOD' => 'DESTROY'))
+        expect(response[0]).to eq(404)
+      end
+
       it 'is case insensitive on request path' do
         expect(strategy.call(make_env('/AUTH/Test'))[0]).to eq(302)
       end