search

tmus / monzo

A Go library for interacting with the Monzo Bank API.
MIT License
3 stars 0 forks source link

Client.Ping() doesn't return an error if the token is an empty string. #5

Closed tmus closed 5 years ago

tmus commented 5 years ago

The ping/whoami endpoint returns a 200 response if no token is provided, but with a payload of {authenticated: false}.

Either prevent the request from being sent if the token string is "", or unmarshal the json and check the result of the authenticated key.

heyitsols commented 5 years ago

What would you expect the result to be if you called that endpoint with an invalid token?

tmus commented 5 years ago

Calling /ping/whoami with an invalid token returns a 400 Bad Request response with the following json:

{
  "code": "bad_request.invalid_token",
  "message": "Token is invalid"
}

I'm leaning towards checking the token before carrying out the request, probably at the top of the Ping method something like:


if c.Token == "" {
    return errors.New("error pinging Monzo API. token cannot be an empty string")
}
tmus commented 5 years ago

Addressed in https://github.com/tmus/monzo/commit/20139935b5c346e34788b5eb9f7467c0e1b64462