Class: LineLogin::Client

Inherits:
Object
  • Object
show all
Defined in:
lib/line_login/client.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(client_id: "client_id", client_secret: "client_secret", redirect_uri: "redirect_uri", api_origin: "https://api.line.me", access_origin: "https://access.line.me") ⇒ Client

Returns a new instance of Client.


14
15
16
17
18
19
20
# File 'lib/line_login/client.rb', line 14

def initialize(client_id: "client_id", client_secret: "client_secret", redirect_uri: "redirect_uri", api_origin: "https://api.line.me", access_origin: "https://access.line.me")
  self.client_id = client_id
  self.client_secret = client_secret
  self.redirect_uri = redirect_uri
  self.api_origin = api_origin
  self.access_origin = access_origin
end

Instance Attribute Details

#access_originObject

Returns the value of attribute access_origin.


12
13
14
# File 'lib/line_login/client.rb', line 12

def access_origin
  @access_origin
end

#api_originObject

Returns the value of attribute api_origin.


11
12
13
# File 'lib/line_login/client.rb', line 11

def api_origin
  @api_origin
end

#client_idObject

Returns the value of attribute client_id.


8
9
10
# File 'lib/line_login/client.rb', line 8

def client_id
  @client_id
end

#client_secretObject

Returns the value of attribute client_secret.


9
10
11
# File 'lib/line_login/client.rb', line 9

def client_secret
  @client_secret
end

#redirect_uriObject

Returns the value of attribute redirect_uri.


10
11
12
# File 'lib/line_login/client.rb', line 10

def redirect_uri
  @redirect_uri
end

Instance Method Details

Get Auth Link

Authenticating users and making authorization requests

Initiate the process of authenticating the user with the LINE Platform and authorizing your app. When the user clicks a LINE Login button, redirect them to an authorization URL with the required query parameters, as shown in the example below.


30
31
32
33
34
35
36
37
38
39
# File 'lib/line_login/client.rb', line 30

def get_auth_link(options = {})
  data = {
    scope: "profile%20openid%20email",
    response_type: "code",
    client_id: self.client_id,
    redirect_uri: self.redirect_uri,
    state: "state"
  }.merge(options);
  "#{self.access_origin}/oauth2/v2.1/authorize?#{URI.encode_www_form(data)}"
end

#issue_access_token(code:, redirect_uri: nil, code_verifier: nil) ⇒ Object

Issues access tokens.

The access tokens managed through the LINE Login API attest that an app has been granted permission to access user data (such as user IDs, display names, profile images, and status messages) saved on the LINE Platform.

LINE Login API calls require you to provide an access token or refresh token that was sent in an earlier response.


47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
# File 'lib/line_login/client.rb', line 47

def issue_access_token(code: , redirect_uri: nil, code_verifier: nil)
  option = {
    url: "#{api_origin}/oauth2/v2.1/token",
    header: {
      "Content-Type": "application/x-www-form-urlencoded",
    },
    param: {
      grant_type: :authorization_code,
      code: code,
      redirect_uri: redirect_uri || self.redirect_uri,
      client_id: client_id,
      client_secret: client_secret,
      code_verifier: code_verifier
    }
  }
  response = post(option)
  JSON.parse(response.body)
end

#refresh_access_token(refresh_token:) ⇒ Object

Refresh access token

Gets a new access token using a refresh token. A refresh token is returned along with an access token once user authentication is complete.


84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# File 'lib/line_login/client.rb', line 84

def refresh_access_token(refresh_token: )
  option = {
    url: "#{api_origin}/oauth2/v2.1/token",
    header: {
      "Content-Type": "application/x-www-form-urlencoded",
    },
    param: {
      grant_type: :refresh_token,
      refresh_token: refresh_token,
      client_id: client_id,
      client_secret: client_secret
    }
  }
  response = post(option)
  JSON.parse(response.body)
end

#revoke_access_token(access_token:) ⇒ Object

Revoke access token

Invalidates a user's access token.


105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
# File 'lib/line_login/client.rb', line 105

def revoke_access_token(access_token: )
  option = {
    url: "#{api_origin}/oauth2/v2.1/revoke",
    header: {
      "Content-Type": "application/x-www-form-urlencoded",
    },
    param: {
      access_token: access_token,
      client_id: client_id,
      client_secret: client_secret
    }
  }
  response = post(option)
  response.body
end

#verify_access_token(access_token:) ⇒ Object

Verifies if an access token is valid.

For general recommendations on how to securely handle user registration and login with access tokens, see Creating a secure login process between your app and server in the LINE Login documentation.


71
72
73
74
75
76
77
# File 'lib/line_login/client.rb', line 71

def verify_access_token(access_token: )
  option = {
    url: "#{api_origin}/oauth2/v2.1/verify?access_token=#{access_token}",
  }
  response = get(option)
  JSON.parse(response.body)
end

#verify_id_token(id_token:, nonce: nil, user_id: nil) ⇒ Object

Verify ID token

ID tokens are JSON web tokens (JWT) with information about the user. It's possible for an attacker to spoof an ID token. Use this call to verify that a received ID token is authentic, meaning you can use it to obtain the user's profile information and email.


128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
# File 'lib/line_login/client.rb', line 128

def verify_id_token(id_token: , nonce: nil, user_id: nil)
  param = {
    id_token: id_token,
    client_id: client_id
  }
  param[:nonce] = nonce unless nonce.nil?
  param[:user_id] = user_id unless user_id.nil?

  option = {
    url: "#{api_origin}/oauth2/v2.1/verify",
    header: {
      "Content-Type": "application/x-www-form-urlencoded",
    },
    param: param
  }
  response = post(option)
  JSON.parse(response.body)
end