lib/omniauth/strategies/oauth2.rb in oa-oauth-0.2.0.beta1 vs lib/omniauth/strategies/oauth2.rb in oa-oauth-0.2.0.beta2
- old
+ new
@@ -46,10 +46,14 @@
def client
::OAuth2::Client.new(client_id, client_secret, client_options.merge(options[:client_options] || {}))
end
+ def callback_url
+ full_host + callback_path
+ end
+
protected
def request_phase
redirect client.web_server.authorize_url({:redirect_uri => callback_url}.merge(options))
end
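Review bot: The new `callback_url` is built from `full_host`, whose definition is outside this hunk; if that value is taken from the request's Host or forwarded headers rather than from configuration, the `redirect_uri` sent in `request_phase` and in the later token exchange follows whatever host the client supplied. It is also defined above `protected`, so it becomes a public method of the strategy. It would be worth confirming that the host is pinned in proxied deployments and adding a comment such as `# Absolute URL the provider redirects back to; must match the redirect_uri registered with the provider.` Separately, `.merge(options)` in `request_phase` lets a `:redirect_uri` key in `options` override this value, and no `state` value is added in the visible lines.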
@@ -59,9 +63,20 @@
raise CallbackError.new(request.params['error'], request.params['error_description'] || request.params['error_reason'], request.params['error_uri'])
end
verifier = request.params['code']
@access_token = client.web_server.get_access_token(verifier, :redirect_uri => callback_url)
+
+ if @access_token.expires? && @access_token.expires_in <= 0
+ client.request(:post, client.access_token_url, {
+ 'client_id' => client_id,
+ 'grant_type' => 'refresh_token',
+ 'client_secret' => client_secret,
+ 'refresh_token' => @access_token.refresh_token
+ })
+ @access_token = client.web_server.get_access_token(verifier, :redirect_uri => callback_url)
+ end
+
super
rescue ::OAuth2::HTTPError, ::OAuth2::AccessDenied, CallbackError => e
fail!(:invalid_credentials, e)
end
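Review bot: The added refresh branch discards the response of the `refresh_token` POST and then redeems the same authorization code (`verifier`) a second time through `get_access_token`. Authorization codes are single-use under RFC 6749 section 4.1.2, so the second exchange will normally be rejected, and a provider may revoke the tokens already issued for that code. The replacement token should be built from the refresh response instead of replaying the code. The branch also sends `@access_token.refresh_token` without checking that one was issued, so the guard could read `if @access_token.expires? && @access_token.expires_in <= 0 && @access_token.refresh_token`. The enclosing method starts above this hunk, so how `@access_token` is used after `super` is not visible here.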