fix: ensure log_response actually logs the message

viacheslav-rostovtsev · viacheslav-rostovtsev · commit 3faece5ef02f · 2026-02-23T18:12:52.000-08:00
diff --git a/lib/googleauth/signet.rb b/lib/googleauth/signet.rb
@@ -210,10 +210,12 @@ def log_response token_response
           digest = Digest::SHA256.hexdigest response_hash["id_token"]
           response_hash["id_token"] = "(sha256:#{digest})"
         end
-        Google::Logging::Message.from(
-          message: "Received auth token response: #{response_hash}",
-          "credentialsId" => object_id
-        )
+        logger&.debug do
+          Google::Logging::Message.from(
+            message: "Received auth token response: #{response_hash}",
+            "credentialsId" => object_id
+          )
+        end
       end
 
       def log_auth_error err
diff --git a/spec/googleauth/user_refresh_spec.rb b/spec/googleauth/user_refresh_spec.rb
@@ -394,17 +394,54 @@ def cred_json_text_with_universe_domain missing = nil
     end
   end
 
+  describe "logging during revoke" do
+    let(:response_body) { '{"foo": "bar"}' }
+    let :stub do
+      stub_request(:post, "https://oauth2.googleapis.com/revoke")
+        .with(body: hash_including("token" => "refreshtoken"))
+        .to_return(status:  200,
+                   body: response_body,
+                   headers: { "Content-Type" => "application/json" })
+    end
+
+    it "logs the response body" do
+      stub
+      strio = StringIO.new
+      logger = Logger.new strio
+      logger.level = Logger::DEBUG
+      @client.logger = logger
+      @client.revoke!
+      expect(strio.string).to include("Received auth token response")
+    end
+
+    it "logs transient errors when they occur" do
+      allow_any_instance_of(Faraday::Connection).to receive(:post).and_raise(Faraday::TimeoutError)
+      strio = StringIO.new
+      logger = Logger.new strio
+      @client.logger = logger
+      
+      # Stub sleep to avoid slow tests
+      allow(@client).to receive(:sleep)
+
+      expect { @client.revoke! }.to raise_error Signet::AuthorizationError
+      expect(strio.string).to include("Transient error when fetching auth token")
+      expect(strio.string).to include("Exhausted retries when fetching auth token")
+    end
+  end
+
   describe "when errors occurred with request" do
     it "should fail with Signet::AuthorizationError if request times out" do
       allow_any_instance_of(Faraday::Connection).to receive(:post)
         .and_raise(Faraday::TimeoutError)
+      expect(@client).to receive(:sleep).exactly(5).times.with(kind_of(Numeric))
       expect { @client.revoke! }
         .to raise_error Signet::AuthorizationError
     end
 
     it "should fail with Signet::AuthorizationError if request fails" do
       allow_any_instance_of(Faraday::Connection).to receive(:post)
         .and_raise(Faraday::ConnectionFailed, nil)
+      expect(@client).to receive(:sleep).exactly(5).times.with(kind_of(Numeric))
       expect { @client.revoke! }
         .to raise_error Signet::AuthorizationError
     end
