lib/omniauth/strategies/oauth2.rb in oa-oauth-0.1.4 vs lib/omniauth/strategies/oauth2.rb in oa-oauth-0.1.5

- old
+ new

@@ -3,25 +3,42 @@ require 'oauth2' require 'omniauth/oauth' module OmniAuth module Strategies + # Authentication strategy for connecting with APIs constructed using + # the [OAuth 2.0 Specification](http://tools.ietf.org/html/draft-ietf-oauth-v2-10). + # You must generally register your application with the provider and + # utilize an application id and secret in order to authenticate using + # OAuth 2.0. class OAuth2 include OmniAuth::Strategy - attr_accessor :options, :client + # The options passed in to the strategy. + attr_accessor :options + # The `OAuth2::Client` for this strategy. + attr_accessor :client + # An error that is indicated in the OAuth 2.0 callback. + # This could be a `redirect_uri_mismatch` or other class CallbackError < StandardError attr_accessor :error, :error_reason, :error_uri def initialize(error, error_reason=nil, error_uri=nil) self.error = error self.error_reason = error_reason self.error_uri = error_uri end end + # Initialize a new OAuth 2.0 authentication provider. + + # @param [Rack Application] app standard middleware application argument + # @param [String] name the name for this provider to be used in its URL, e.g. `/auth/name` + # @param [String] client_id the client/application ID of this provider + # @param [String] client_secret the client/application secret of this provider + # @param [Hash] options that will be passed through to the OAuth2::Client (see [oauth2 docs](http://rubydoc.info/gems/oauth2)) def initialize(app, name, client_id, client_secret, options = {}) super(app, name) self.options = options self.client = ::OAuth2::Client.new(client_id, client_secret, options) end @@ -31,10 +48,10 @@ def request_phase redirect client.web_server.authorize_url({:redirect_uri => callback_url}.merge(options)) end def callback_phase - if request.params['error'] + if request.params['error'] || request.params['error_reason'] raise CallbackError.new(request.params['error'], request.params['error_description'] || request.params['error_reason'], request.params['error_uri']) end verifier = request.params['code'] @access_token = client.web_server.get_access_token(verifier, :redirect_uri => callback_url)