From 53dd55ef74e3a436c45b4afe1559df69282bb119 Mon Sep 17 00:00:00 2001
From: Patrik Ragnarsson <patrik@starkast.net>
Date: Tue, 16 Sep 2014 17:08:19 +0200
Subject: [PATCH 1/2] Escape user id

id has the form "auth0|foo123", Ruby URI doesn't like "|".
---
 lib/auth0/client.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/auth0/client.rb b/lib/auth0/client.rb
index c8deabb2..ffd6cdb1 100644
--- a/lib/auth0/client.rb
+++ b/lib/auth0/client.rb
@@ -1,3 +1,4 @@
+require 'uri'
 require 'httparty'
 
 class Auth0Client
@@ -31,7 +32,9 @@ def get_connections
   end
 
   def delete_user(id)
-    response = self.class.delete("/api/users/#{id}", { headers: @headers })
+
+    uri = URI.escape("/api/users/#{id}")
+    response = self.class.delete(uri, { headers: @headers })
     response.body
   end
 

From 64f34041f4c5b557b4c03135952e62410652d3d3 Mon Sep 17 00:00:00 2001
From: Patrik Ragnarsson <patrik@starkast.net>
Date: Tue, 16 Sep 2014 17:11:30 +0200
Subject: [PATCH 2/2] fail if id is empty string
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

POST /api/users/ is another API call – which will remove all users,
don't want that to happen unexpectedly!
---
 lib/auth0/client.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/auth0/client.rb b/lib/auth0/client.rb
index ffd6cdb1..8f4f0a9c 100644
--- a/lib/auth0/client.rb
+++ b/lib/auth0/client.rb
@@ -32,6 +32,7 @@ def get_connections
   end
 
   def delete_user(id)
+    fail "#{__method__}: No id" if id.to_s.empty?
 
     uri = URI.escape("/api/users/#{id}")
     response = self.class.delete(uri, { headers: @headers })