Class: OAuth2::Strategy::Password

Inherits:

Base

Object
Base
OAuth2::Strategy::Password

show all

Defined in:: lib/oauth2/strategy/password.rb

Overview

The Resource Owner Password Credentials Authorization Strategy

IMPORTANT (OAuth 2.1): The Resource Owner Password Credentials grant is omitted in OAuth 2.1. It remains here for backward compatibility with OAuth 2.0 providers. Prefer Authorization Code + PKCE.

References:

OAuth 2.1 draft: datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-13
Okta explainer: developer.okta.com/blog/2019/12/13/oauth-2-1-how-many-rfcs
FusionAuth blog: fusionauth.io/blog/2020/04/15/whats-new-in-oauth-2-1

Instance Method Summary collapse

#authorize_url ⇒ Object

Not used for this strategy.
#get_token(username, password, params = {}, opts = {}) ⇒ Object

Retrieve an access token given the specified End User username and password.

Methods inherited from Base

#initialize

Constructor Details

This class inherits a constructor from OAuth2::Strategy::Base

Instance Method Details

#authorize_url ⇒ `Object`

Not used for this strategy

Raises:

(NotImplementedError)



20
21
22

# File 'lib/oauth2/strategy/password.rb', line 20

def authorize_url
  raise(NotImplementedError, "The authorization endpoint is not used in this strategy")
end

#get_token(username, password, params = {}, opts = {}) ⇒ `Object`

Retrieve an access token given the specified End User username and password.

Parameters:

username (String) —

the End User username
password (String) —

the End User password
params (Hash) (defaults to: {}) —

additional params

# File 'lib/oauth2/strategy/password.rb', line 29

def get_token(username, password, params = {}, opts = {})
  params = {
    "grant_type" => "password",
    "username" => username,
    "password" => password,
  }.merge(params)
  @client.get_token(params, opts)
end