Change TOKEN_URL to TOKEN_PATH and rescue JSON::ParserError

sferik · sferik · commit 69670ba231ec · 2025-12-25T22:16:51.000-08:00
diff --git a/lib/x/oauth2_authenticator.rb b/lib/x/oauth2_authenticator.rb
@@ -8,8 +8,8 @@ module X
   # Handles OAuth 2.0 authentication with token refresh capability
   # @api public
   class OAuth2Authenticator < Authenticator
-    # URL for the OAuth 2.0 token endpoint
-    TOKEN_URL = "https://api.twitter.com/2/oauth2/token".freeze
+    # Path for the OAuth 2.0 token endpoint
+    TOKEN_PATH = "/2/oauth2/token".freeze
     # Host for token refresh requests
     TOKEN_HOST = "api.twitter.com".freeze
     # Port for token refresh requests
@@ -131,7 +131,7 @@ def build_http_client
     # @api private
     # @return [Net::HTTP::Post] the POST request
     def build_token_request
-      request = Net::HTTP::Post.new(TOKEN_URL)
+      request = Net::HTTP::Post.new(TOKEN_PATH)
       request["Content-Type"] = "application/x-www-form-urlencoded"
       request["Authorization"] = "Basic #{Base64.strict_encode64("#{client_id}:#{client_secret}")}"
       request.body = URI.encode_www_form(grant_type: REFRESH_GRANT_TYPE, refresh_token: refresh_token)
@@ -145,10 +145,11 @@ def build_token_request
     # @raise [Error] if the response indicates an error
     def handle_token_response(response)
       body = JSON.parse(response.body)
-      unless response.is_a?(Net::HTTPSuccess)
-        error_message = body["error_description"] || body["error"] || "Token refresh failed"
-        raise Error, error_message
-      end
+    rescue JSON::ParserError
+      raise Error, "Token refresh failed"
+    else
+      raise Error, body["error_description"] || body["error"] || "Token refresh failed" unless response.is_a?(Net::HTTPSuccess)
+
       update_tokens(body)
       body
     end
diff --git a/sig/x.rbs b/sig/x.rbs
@@ -209,7 +209,7 @@ module X
   end
 
   class OAuth2Authenticator < Authenticator
-    TOKEN_URL: String
+    TOKEN_PATH: String
     TOKEN_HOST: String
     TOKEN_PORT: Integer
     REFRESH_GRANT_TYPE: String
diff --git a/test/x/oauth2_authenticator_test.rb b/test/x/oauth2_authenticator_test.rb
@@ -1,6 +1,8 @@
 require_relative "../test_helper"
 
 module X
+  TOKEN_URL = "https://#{OAuth2Authenticator::TOKEN_HOST}#{OAuth2Authenticator::TOKEN_PATH}".freeze
+
   class OAuth2AuthenticatorInitializationTest < Minitest::Test
     cover OAuth2Authenticator
 
@@ -75,7 +77,7 @@ class OAuth2AuthenticatorRefreshTokenTest < Minitest::Test
 
     def test_refresh_token_sends_correct_content_type
       authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
-      stub_request(:post, OAuth2Authenticator::TOKEN_URL)
+      stub_request(:post, TOKEN_URL)
         .with(headers: {"Content-Type" => "application/x-www-form-urlencoded"})
         .to_return(status: 200, body: {access_token: "new"}.to_json)
 
@@ -85,7 +87,7 @@ def test_refresh_token_sends_correct_content_type
     def test_refresh_token_sends_basic_auth_header
       authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
       expected_auth = "Basic #{Base64.strict_encode64("#{TEST_CLIENT_ID}:#{TEST_CLIENT_SECRET}")}"
-      stub_request(:post, OAuth2Authenticator::TOKEN_URL)
+      stub_request(:post, TOKEN_URL)
         .with(headers: {"Authorization" => expected_auth})
         .to_return(status: 200, body: {access_token: "new"}.to_json)
 
@@ -95,7 +97,7 @@ def test_refresh_token_sends_basic_auth_header
     def test_refresh_token_sends_correct_request_body
       authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
       expected_body = "grant_type=refresh_token&refresh_token=#{TEST_REFRESH_TOKEN}"
-      stub_request(:post, OAuth2Authenticator::TOKEN_URL)
+      stub_request(:post, TOKEN_URL)
         .with(body: expected_body)
         .to_return(status: 200, body: {access_token: "new"}.to_json)
 
@@ -104,7 +106,7 @@ def test_refresh_token_sends_correct_request_body
 
     def test_refresh_token_updates_access_token
       authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
-      stub_request(:post, OAuth2Authenticator::TOKEN_URL)
+      stub_request(:post, TOKEN_URL)
         .to_return(status: 200, body: {access_token: "NEW_ACCESS_TOKEN"}.to_json)
 
       authenticator.refresh_token!
@@ -114,7 +116,7 @@ def test_refresh_token_updates_access_token
 
     def test_refresh_token_updates_refresh_token
       authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
-      stub_request(:post, OAuth2Authenticator::TOKEN_URL)
+      stub_request(:post, TOKEN_URL)
         .to_return(status: 200, body: {access_token: "new", refresh_token: "NEW_REFRESH"}.to_json)
 
       authenticator.refresh_token!
@@ -124,7 +126,7 @@ def test_refresh_token_updates_refresh_token
 
     def test_refresh_token_returns_response_body
       authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
-      stub_request(:post, OAuth2Authenticator::TOKEN_URL)
+      stub_request(:post, TOKEN_URL)
         .to_return(status: 200, body: {access_token: "new"}.to_json)
 
       result = authenticator.refresh_token!
@@ -134,7 +136,7 @@ def test_refresh_token_returns_response_body
 
     def test_refresh_token_updates_expires_at
       authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
-      stub_request(:post, OAuth2Authenticator::TOKEN_URL)
+      stub_request(:post, TOKEN_URL)
         .to_return(status: 200, body: {access_token: "new", expires_in: 7200}.to_json)
 
       before_refresh = Time.now
@@ -145,7 +147,7 @@ def test_refresh_token_updates_expires_at
 
     def test_refresh_token_keeps_old_refresh_token_when_not_returned
       authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
-      stub_request(:post, OAuth2Authenticator::TOKEN_URL)
+      stub_request(:post, TOKEN_URL)
         .to_return(status: 200, body: {access_token: "new"}.to_json)
 
       authenticator.refresh_token!
@@ -160,7 +162,7 @@ class OAuth2AuthenticatorRefreshTokenErrorTest < Minitest::Test
     def test_refresh_token_raises_on_error_with_description
       authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
 
-      stub_request(:post, OAuth2Authenticator::TOKEN_URL)
+      stub_request(:post, TOKEN_URL)
         .to_return(status: 400, body: {error: "invalid_grant", error_description: "Token expired"}.to_json)
 
       error = assert_raises(Error) { authenticator.refresh_token! }
@@ -170,7 +172,7 @@ def test_refresh_token_raises_on_error_with_description
     def test_refresh_token_raises_on_error_without_description
       authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
 
-      stub_request(:post, OAuth2Authenticator::TOKEN_URL)
+      stub_request(:post, TOKEN_URL)
         .to_return(status: 400, body: {error: "invalid_grant"}.to_json)
 
       error = assert_raises(Error) { authenticator.refresh_token! }
@@ -180,11 +182,21 @@ def test_refresh_token_raises_on_error_without_description
     def test_refresh_token_raises_on_error_with_default_message
       authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
 
-      stub_request(:post, OAuth2Authenticator::TOKEN_URL)
+      stub_request(:post, TOKEN_URL)
         .to_return(status: 500, body: {}.to_json)
 
       error = assert_raises(Error) { authenticator.refresh_token! }
       assert_equal "Token refresh failed", error.message
     end
+
+    def test_refresh_token_raises_on_invalid_json_response
+      authenticator = OAuth2Authenticator.new(**test_oauth2_credentials)
+
+      stub_request(:post, TOKEN_URL)
+        .to_return(status: 500, body: "Internal Server Error")
+
+      error = assert_raises(Error) { authenticator.refresh_token! }
+      assert_equal "Token refresh failed", error.message
+    end
   end
 end
