diff --git a/lib/omniauth/strategy.rb b/lib/omniauth/strategy.rb
index fb228f946..5ec81f7d9 100644
--- a/lib/omniauth/strategy.rb
+++ b/lib/omniauth/strategy.rb
@@ -257,7 +257,7 @@ def options_request?
 # in the event that OmniAuth has been configured to be
 # in test mode.
 def mock_call!(*)
- return mock_request_call if on_request_path?
+ return mock_request_call if on_request_path? && OmniAuth.config.allowed_request_methods.include?(request.request_method.downcase.to_sym)
 return mock_callback_call if on_callback_path?
 call_app!
 end
diff --git a/spec/omniauth/strategy_spec.rb b/spec/omniauth/strategy_spec.rb
index 307f677ed..fc8f96f5e 100644
--- a/spec/omniauth/strategy_spec.rb
+++ b/spec/omniauth/strategy_spec.rb
@@ -560,6 +560,11 @@ def make_env(path = '/auth/test', props = {})
 expect(response[1]['Location']).to eq('/auth/test/callback')
 end
 
+ it "doesn't short circuit the request if request method is not allowed" do
+ response = strategy.call(make_env('/auth/test', 'REQUEST_METHOD' => 'DESTROY'))
+ expect(response[0]).to eq(404)
+ end
+
 it 'is case insensitive on request path' do
 expect(strategy.call(make_env('/AUTH/Test'))[0]).to eq(302)
 end
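Review bot: The new guard in `mock_call!` spells the allowed-method policy inline and calls `to_sym` on the client-supplied request method, so it can drift from whatever check the non-mock request path applies (that path is not visible in this hunk). I would move the test into a private predicate, for example `request_method_allowed?` returning `OmniAuth.config.allowed_request_methods.map(&:to_s).include?(request.request_method.downcase)`, and write the line as `return mock_request_call if on_request_path? && request_method_allowed?`. Comparing strings avoids creating symbols from arbitrary input, which matters on Ruby versions that do not garbage-collect dynamic symbols, and a shared predicate keeps test mode mirroring the real flow so specs cannot pass on a verb production would reject. The callback branch on the following line stays ungated; presumably that is intended, but a one-line comment saying so would help the next reader.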
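Review bot: The added example only exercises a made-up verb (`'DESTROY'`), so it would still pass if the guard merely rejected unknown methods; the case that matters for the request phase is a real verb that has been taken off the allow-list. Consider a second example that sets `OmniAuth.config.allowed_request_methods = [:post]`, sends a plain GET to `/auth/test`, expects the request not to be short-circuited, and restores the setting afterwards. A lowercase `'REQUEST_METHOD' => 'post'` case would also pin the `downcase` in the strategy. The enclosing describe/context block starts and ends outside this hunk, so existing setup may already cover part of this.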