Browse Source

fix: encode OAuth URLs using URI.encode_www_form

instead of URI.escape which is deprecated.
Mike Dalessio 3 years ago
parent
commit
0e90b6aa91
2 changed files with 2 additions and 2 deletions
  1. 1 1
      lib/shopify_api/session.rb
  2. 1 1
      test/session_test.rb

+ 1 - 1
lib/shopify_api/session.rb

@@ -183,7 +183,7 @@ module ShopifyAPI
     end
 
     def parameterize(params)
-      URI.escape(params.collect { |k, v| "#{k}=#{v}" }.join('&'))
+      URI.encode_www_form(params)
     end
 
     def access_token_request(code)

+ 1 - 1
test/session_test.rb

@@ -333,7 +333,7 @@ class SessionTest < Test::Unit::TestCase
     permission_url = session.create_permission_url(scope, "http://my_redirect_uri.com", state: "My nonce")
     assert_equal_uri(
       "https://localhost.myshopify.com/admin/oauth/authorize?client_id=My_test_key&" \
-        "scope=&redirect_uri=http://my_redirect_uri.com&state=My%20nonce",
+        "scope=&redirect_uri=http://my_redirect_uri.com&state=My+nonce",
       permission_url
     )
   end