google-auth-library-ruby icon indicating copy to clipboard operation
google-auth-library-ruby copied to clipboard
verified publisher icon googleapis

UserRefreshCredentials.revoke! block returns 0 which causes revoke to fail

Open joshudev opened this issue 7 months ago • 0 comments

There seems to be a bug in the revoke! method of Google::Auth::UserRefreshCredentials

retry_with_error calls log_response which attempts to parse the yielded result as JSON. As the code below returns 0 it is treated as valid json and then we get a "no implicit conversion of String into Integer" error as log_response tries to use this value as a hash (response_hash["access_token"])

  def revoke!(options = {})
    c = options[:connection] || Faraday.default_connection

    retry_with_error do
      resp = c.post(REVOKE_TOKEN_URI, token: refresh_token || access_token)
      case resp.status
      when 200
        self.access_token = nil
        self.refresh_token = nil
        self.expires_at = 0
        #
        #  Need to return resp here, which fixes the crash caused by retry_with_error's use of log_response
        #
        resp
      else
        raise(Signet::AuthorizationError,
              "Unexpected error code #{resp.status}")
      end
    end
  end

joshudev avatar Jun 02 '25 17:06 joshudev