From 52fea4e15b2361d7bd20dff30bace193e6cc1a11 Mon Sep 17 00:00:00 2001
From: Jordan Owens <jkowens@gmail.com>
Date: Sat, 16 Jan 2021 15:40:44 -0500
Subject: [PATCH] Allow OmniAuthAuthenticityTokenProtection options to be
 configured

This will be useful for disabling csrf protection in test suites or
configuring the csrf key when the next version of rack-protection is
released.
---
 lib/omniauth/authenticity_token_protection.rb |  2 ++
 spec/omniauth/strategy_spec.rb                | 13 +++++++++++++
 2 files changed, 15 insertions(+)

diff --git a/lib/omniauth/authenticity_token_protection.rb b/lib/omniauth/authenticity_token_protection.rb
index 6dea46b93..dd05d0d74 100644
--- a/lib/omniauth/authenticity_token_protection.rb
+++ b/lib/omniauth/authenticity_token_protection.rb
@@ -18,6 +18,8 @@ def call!(env)
       react env
     end
 
+    alias_method :call, :call!
+
   private
 
     def deny(_env)
diff --git a/spec/omniauth/strategy_spec.rb b/spec/omniauth/strategy_spec.rb
index b4a86dace..d8d633b04 100644
--- a/spec/omniauth/strategy_spec.rb
+++ b/spec/omniauth/strategy_spec.rb
@@ -973,6 +973,19 @@ def make_env(path = '/auth/test', props = {})
         end
       end
 
+      context 'with custom allow_if proc' do
+        before do
+          OmniAuth.config.request_validation_phase = OmniAuth::AuthenticityTokenProtection.new(allow_if: ->(env) { true })
+        end
+
+        it 'allows a valid request' do
+          expect(strategy).to receive(:fail!).with('Request Phase', kind_of(StandardError))
+
+          post_env = make_env('/auth/test')
+          strategy.call(post_env)
+        end
+      end
+
       after do
         OmniAuth.config.request_validation_phase = nil
       end