Class: OmniAuth::Strategies::Stackoverflow

Inherits:
OAuth2
  • Object
show all
Defined in:
lib/omniauth/strategies/stackoverflow.rb

Defined Under Namespace

Classes: NoAuthorizationCodeError

Constant Summary collapse

DEFAULT_SCOPE = 
'email'

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#oauth_keyObject

Returns the value of attribute oauth_key.



11
12
13
 
# File 'lib/omniauth/strategies/stackoverflow.rb', line 11

def oauth_key
  @oauth_key
end

Instance Method Details

#access_token_optionsObject 



108
109
110
 
# File 'lib/omniauth/strategies/stackoverflow.rb', line 108

def access_token_options
  options.access_token_options.inject({}) { |h,(k,v)| h[k.to_sym] = v; h }
end

#authorize_paramsObject

You can pass display, state or scope params to the auth request, if you need to set them dynamically. You can also set these options in the OmniAuth config :authorize_params option.

/auth/facebook?display=popup&state=ABC



119
120
121
122
123
124
 
# File 'lib/omniauth/strategies/stackoverflow.rb', line 119

def authorize_params
  super.tap do |params|
    %w[display state scope].each { |v| params[v.to_sym] = request.params[v] if request.params[v] }
    params[:scope] ||= DEFAULT_SCOPE
  end
end

#build_access_tokenObject 



53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
 
# File 'lib/omniauth/strategies/stackoverflow.rb', line 53

def build_access_token

  if signed_request_contains_access_token?

    hash = signed_request.clone
    ::OAuth2::AccessToken.new(
      client,
      hash.delete('oauth_token'),
      hash.merge!(access_token_options.merge(:expires_at => hash.delete('expires')))
    )
  else
    with_authorization_code! { super }.tap do |token|
      token.options.merge!(access_token_options)
    end
  end
end

#callback_phaseObject 



91
92
93
94
95
 
# File 'lib/omniauth/strategies/stackoverflow.rb', line 91

def callback_phase
  @oauth_key = authorize_params[:oauth_key]

  super
end

#callback_urlObject

NOTE if we’re using code from the signed request then FB sets the redirect_uri to ” during the authorize phase + it must match during the access_token phase: github.com/facebook/php-sdk/blob/master/src/base_facebook.php#L348



100
101
102
103
104
105
106
 
# File 'lib/omniauth/strategies/stackoverflow.rb', line 100

def callback_url
  if @authorization_code_from_signed_request
    ''
  else
    options[:callback_url] || super
  end
end

#raw_infoObject 



48
49
50
51
 
# File 'lib/omniauth/strategies/stackoverflow.rb', line 48

def raw_info
  access_token.client.site = "https://api.stackexchange.com"
  @raw_info ||= access_token.get('/2.0/me', :params => { 'site' => 'stackoverflow', 'access_token' => access_token.token, 'key' => @oauth_key }).parsed["items"].first || {}
end

#request_phaseObject 



70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
 
# File 'lib/omniauth/strategies/stackoverflow.rb', line 70

def request_phase
  if signed_request_contains_access_token?

    # if we already have an access token, we can just hit the
    # callback URL directly and pass the signed request along
    params = { :signed_request => raw_signed_request }
    params[:state] = request.params['state'] if request.params['state']
    
    query = Rack::Utils.build_query(params)

    url = callback_url
    url << "?" unless url.match(/\?/)
    url << "&" unless url.match(/[\&\?]$/)
    url << query

    redirect url
  else
    super
  end
end

#signed_requestObject

Parse signed request in order, from:

  1. the request ‘signed_request’ param (server-side flow from canvas pages) or

  2. a cookie (client-side flow via JS SDK)



132
133
134
135
 
# File 'lib/omniauth/strategies/stackoverflow.rb', line 132

def signed_request
  @signed_request ||= raw_signed_request &&
    parse_signed_request(raw_signed_request)
end