auth0_spec.rb in omniauth-auth0-3.1.0

- old
+ new

@@ -1,9 +1,10 @@
 # frozen_string_literal: true
 
 require 'spec_helper'
 require 'jwt'
+require 'multi_json'
 
 OmniAuth.config.allowed_request_methods = [:get, :post]
 
 RSpec.shared_examples 'site has valid domain url' do |url|
   it { expect(subject.site).to eq(url) }
@@ -194,9 +195,22 @@
       expect(redirect_url).not_to have_query('connection_scope')
       expect(redirect_url).not_to have_query('prompt')
       expect(redirect_url).not_to have_query('screen_hint')
       expect(redirect_url).not_to have_query('organization')
       expect(redirect_url).not_to have_query('invitation')
+    end
+
+    def session
+      session_cookie = last_response.cookies['rack.session'].first
+      session_data, _, _ = session_cookie.rpartition('--')
+      decoded_session_data = Base64.decode64(session_data)
+      Marshal.load(decoded_session_data)
+    end
+
+    it "stores session['authorize_params'] as a plain Ruby Hash" do
+      get '/auth/auth0'
+
+      expect(session['authorize_params'].class).to eq(::Hash)
     end
 
     describe 'callback' do
       let(:access_token) { 'access token' }
       let(:expires_in) { 2000 }