Class: OmniAuth::Strategies::OAuth2
- Inherits:
-
Object
- Object
- OmniAuth::Strategies::OAuth2
- Includes:
- OmniAuth::Strategy
- Defined in:
- lib/omniauth/strategies/oauth2.rb
Overview
Authentication strategy for connecting with APIs constructed using the [OAuth 2.0 Specification](tools.ietf.org/html/draft-ietf-oauth-v2-10). You must generally register your application with the provider and utilize an application id and secret in order to authenticate using OAuth 2.0.
Defined Under Namespace
Classes: CallbackError
Instance Attribute Summary collapse
-
#access_token ⇒ Object
Returns the value of attribute access_token.
Instance Method Summary collapse
- #authorize_params ⇒ Object
- #callback_phase ⇒ Object
- #callback_url ⇒ Object
- #client ⇒ Object
- #request_phase ⇒ Object
- #token_params ⇒ Object
Instance Attribute Details
#access_token ⇒ Object
Returns the value of attribute access_token.
29 30 31 |
# File 'lib/omniauth/strategies/oauth2.rb', line 29 def access_token @access_token end |
Instance Method Details
#authorize_params ⇒ Object
51 52 53 54 55 56 57 58 59 60 |
# File 'lib/omniauth/strategies/oauth2.rb', line 51 def .[:state] = SecureRandom.hex(24) params = ..merge(..inject({}){|h,k| h[k.to_sym] = [k] if [k]; h}) if OmniAuth.config.test_mode @env ||= {} @env['rack.session'] ||= {} end session['omniauth.state'] = params[:state] params end |
#callback_phase ⇒ Object
66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
# File 'lib/omniauth/strategies/oauth2.rb', line 66 def callback_phase if request.params['error'] || request.params['error_reason'] raise CallbackError.new(request.params['error'], request.params['error_description'] || request.params['error_reason'], request.params['error_uri']) end if !.provider_ignores_state && (request.params['state'].to_s.empty? || request.params['state'] != session.delete('omniauth.state')) raise CallbackError.new(nil, :csrf_detected) end self.access_token = build_access_token self.access_token = access_token.refresh! if access_token.expired? super rescue ::OAuth2::Error, CallbackError => e fail!(:invalid_credentials, e) rescue ::MultiJson::DecodeError => e fail!(:invalid_response, e) rescue ::Timeout::Error, ::Errno::ETIMEDOUT => e fail!(:timeout, e) rescue ::SocketError => e fail!(:failed_to_connect, e) end |
#callback_url ⇒ Object
35 36 37 |
# File 'lib/omniauth/strategies/oauth2.rb', line 35 def callback_url full_host + script_name + callback_path end |
#client ⇒ Object
31 32 33 |
# File 'lib/omniauth/strategies/oauth2.rb', line 31 def client ::OAuth2::Client.new(.client_id, .client_secret, deep_symbolize(.)) end |
#request_phase ⇒ Object
47 48 49 |
# File 'lib/omniauth/strategies/oauth2.rb', line 47 def request_phase redirect client.auth_code.({:redirect_uri => callback_url}.merge()) end |
#token_params ⇒ Object
62 63 64 |
# File 'lib/omniauth/strategies/oauth2.rb', line 62 def token_params .token_params.merge(..inject({}){|h,k| h[k.to_sym] = [k] if [k]; h}) end |