Class: ExvoAuth::OAuth2::Strategy::NonInteractive

Inherits:

OAuth2::Strategy::WebServer

• Object
• OAuth2::Strategy::WebServer
• ExvoAuth::OAuth2::Strategy::NonInteractive

Defined in:

lib/exvo_auth/oauth2.rb

Overview

In short: if user is already signed in and the request scope matches current authentication with an OAuth2 provider, grant them access token, otherwise - deny authentication.

This is a simple, non-standard OAuth2 extension. It is similar to “web_server” strategy with one exception: instead of redirecting following temporary token requests to an interactive user interface it returns a negative answer: when user is not signed in, or when app requests an extended scope that doesn’t match current authentication grant.

This strategy is needed to sign users in during json/jsonp requests, which cannot result in any interactive/navigational flows.

Instance Method Summary

• #authorize_params(options = {}) ⇒ Object

Instance Method Details

#authorize_params(options = {}) ⇒ Object

# File 'lib/exvo_auth/oauth2.rb', line 14

def authorize_params(options = {})
  super(options).merge('type' => 'non_interactive')
end