18F · monfresh · Sep 10, 2018 · Sep 10, 2018
diff --git a/app/controllers/users/sessions_controller.rb b/app/controllers/users/sessions_controller.rb
@@ -140,7 +140,7 @@ def user_locked_out?(user)
     end
 
     def store_sp_metadata_in_session
-      return if sp_session[:issuer] || request_id.empty?
+      return if sp_session[:issuer] || request_id.blank?
       StoreSpMetadataInSession.new(session: session, request_id: request_id).call
     end
 

diff --git a/spec/requests/invalid_sign_in_params_spec.rb b/spec/requests/invalid_sign_in_params_spec.rb
@@ -5,3 +5,9 @@
     get new_user_session_path, params: { user: 'test@test.com' }
   end
 end
+
+context 'when the request_id param is present but with a nil value' do
+  it 'does not raise an error' do
+    get new_user_session_path, params: { request_id: nil }
+  end
+end