lib/omniauth/strategies/edenred.rb in omniauth-edenred-1.0.0 vs lib/omniauth/strategies/edenred.rb in omniauth-edenred-1.0.1
- old
+ new
@@ -24,10 +24,37 @@
:token_url => 'https://sso.auth-sandbox.api.edenred.com/idsrv/connect/token',
}
end
end
+ # Added JWT.decode
+ def callback_phase
+ begin
+ error = request.params["error_reason"] || request.params["error"]
+ if error
+ fail!(error, CallbackError.new(request.params["error"], request.params["error_description"] || request.params["error_reason"], request.params["error_uri"]))
+ elsif !options.provider_ignores_state && (request.params["state"].to_s.empty? || request.params["state"] != session.delete("omniauth.state"))
+ fail!(:csrf_detected, CallbackError.new(:csrf_detected, "CSRF detected"))
+ else
+ self.access_token = build_access_token
+ self.access_token = access_token.refresh! if access_token.expired?
+
+ @raw_info = JWT.decode(access_token.params['id_token'], nil, false).first
+ env['omniauth.auth'] = auth_hash
+ call_app!
+ end
+ rescue ::OAuth2::Error, CallbackError => e
+ fail!(:invalid_credentials, e)
+ rescue ::Timeout::Error, ::Errno::ETIMEDOUT => e
+ fail!(:timeout, e)
+ rescue ::SocketError => e
+ fail!(:failed_to_connect, e)
+ rescue ::JWT::DecodeError => e
+ fail!(:jwt_decode, e)
+ end
+ end
+
uid { raw_info['username'] }
info do
{
:name => raw_info['username'],
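Review bot: The `JWT.decode(access_token.params['id_token'], nil, false)` call in the new `callback_phase` disables verification, so the claims stored in `@raw_info` (which feed `uid` and `info` through `raw_info['username']`) are accepted without a signature check. With ruby-jwt's verify flag off, `exp`, `iss` and `aud` are not checked either. The token arrives from the token endpoint over TLS, which limits exposure, but nothing here binds it to this client or rejects an expired token. Consider verifying against the provider's published signing key, e.g. `JWT.decode(id_token, <PROVIDER_SIGNING_KEY>, true, algorithms: [<ALGORITHM>], verify_iss: true, iss: <ISSUER>, verify_aud: true, aud: options.client_id)`, or at minimum check `iss`, `aud` and `exp` explicitly and say in the comment above the method that trust rests on the TLS back-channel. The rest of the method appears to be copied from the parent strategy, so later upstream changes to the state check would not be inherited; setting `@raw_info` in a smaller override would avoid that.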
@@ -40,10 +67,10 @@
'raw_info' => raw_info
}
end
def raw_info
- @raw_info ||= JWT.decode(access_token.params['id_token'], nil, false).first
+ @raw_info || {}
end
# Required for omniauth-oauth2 >= 1.4
# https://github.com/intridea/omniauth-oauth2/issues/81
def callback_url
\ No newline at end of file
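Review bot: With `@raw_info || {}`, `raw_info` no longer decodes on demand, so any caller that reaches it before `callback_phase` has set `@raw_info` gets an empty hash. `uid` then evaluates to `nil` instead of raising, and an application that keys accounts on `uid` would see that as a blank identifier rather than a failure. The method should carry a comment such as `# Set by callback_phase from the ID token; empty until then. Claims are decoded without signature verification.` so that the `'raw_info' => raw_info` entry in the auth hash is not mistaken for validated data. `callback_url` starts on the last context line and its body is outside this hunk.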