Ensure email param is properly encoded in delete_connection_user
[SDK-2660]
#280
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes
This PR modifies the
delete_connection_user
method, putting theemail
query param inside thebody
hash parameter of thedelete
method, so it gets properly encoded and added as a query param to the URL by the rest-client gem.Previously, this query param was added directly to the endpoint path, which resulted in it not being properly percent-encoded (the reserved characters as per RFC 3986 were not encoded). This resulted in the endpoint returning an error due to the input validation failed with emails like
[email protected]
, because+
was not percent-encoded.See similar instance: https://github.com/auth0/ruby-auth0/blob/master/lib/auth0/api/v2/user_blocks.rb#L30
Why the query param needs to be added to
body
See https://github.com/auth0/ruby-auth0/blob/master/lib/auth0/mixins/httpproxy.rb.
This is the
body
parameter of thedelete
method:When the HTTP method is
:delete
, that method calls thecall
method to make the HTTP request with rest-client.Due to the peculiar API rest-client offers to pass parameters when using arbitrary HTTP methods, the parameters (the
body
hash in the case of:delete
) must to be added to theheaders
hash:The
call
method then invokes rest-client with thatheaders
hash containing the query params, that are then properly encoded and added to the URL:Testing
This change has been tested on
ruby 2.7.1p83
.Checklist