Class: OmniAuth::Strategies::GoogleIdToken

Inherits:
Object
  • Object
show all
Includes:
OmniAuth::Strategy
Defined in:
lib/omniauth/strategies/google_id_token.rb

Defined Under Namespace

Classes: ClaimInvalid

Constant Summary collapse

RESPONSE_TYPES = 
%w[token id_token].freeze

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.inherited(subclass) ⇒ Object

rubocop:disable Lint/MissingSuper



10
11
12
 
# File 'lib/omniauth/strategies/google_id_token.rb', line 10

def self.inherited(subclass) # rubocop:disable Lint/MissingSuper
  OmniAuth::Strategy.included(subclass)
end

Instance Method Details

#authorize_paramsObject

rubocop:disable Metrics/AbcSize



29
30
31
32
33
34
35
36
37
38
39
40
 
# File 'lib/omniauth/strategies/google_id_token.rb', line 29

def authorize_params # rubocop:disable Metrics/AbcSize
  params = {}
  params[:scope] = options.scope.join(' ')
  params[:access_type] = 'offline'
  params[:include_granted_scopes] = true
  params[:state] = SecureRandom.hex(24)
  session['omniauth.state'] = params[:state]
  params[:redirect_uri] = callback_url
  params[:response_type] = RESPONSE_TYPES.join(' ')
  params[:client_id] = options.client_id
  params
end

#callback_phaseObject 



57
58
59
60
61
 
# File 'lib/omniauth/strategies/google_id_token.rb', line 57

def callback_phase
  super
rescue ClaimInvalid => e
  fail! :claim_invalid, e
end

#decodedObject

rubocop:disable Metrics/AbcSize

Raises:



42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'lib/omniauth/strategies/google_id_token.rb', line 42

def decoded # rubocop:disable Metrics/AbcSize
  raise ClaimInvalid, 'Token not found!' unless request.params.key?('id_token')

  begin
    @decoded = ::Google::Auth::IDTokens.verify_oidc(request.params['id_token'], aud: options.client_id)
  rescue StandardError => e
    raise ClaimInvalid, e.message
  end

  (options.required_claims || []).each do |field|
    raise ClaimInvalid, "Missing required '#{field}' claim." unless @decoded.key?(field.to_s)
  end
  @decoded
end

#request_phaseObject 



23
24
25
26
27
 
# File 'lib/omniauth/strategies/google_id_token.rb', line 23

def request_phase
  redirect URI::HTTPS.build(host: 'accounts.google.com', path: '/o/oauth2/auth', query: URI.encode_www_form(authorize_params)).to_s.gsub( # rubocop:disable Layout/LineLength
    /\+/, '%20'
  )
end