config/initializers/omniauth.rb in wordjelly-auth-1.1.3 vs config/initializers/omniauth.rb in wordjelly-auth-1.1.4

- old
+ new

@@ -80,11 +80,11 @@ ##now the callback call # Performs the steps necessary to run the callback phase of a strategy. def callback_call #check_state setup_phase - log :info, 'Callback phase initiated.' + puts 'Callback phase initiated.' @env['omniauth.origin'] = session.delete('omniauth.origin') @env['omniauth.origin'] = nil if env['omniauth.origin'] == '' @env['omniauth.params'] = session.delete('omniauth.params') || {} ##FOR THE WEB BASED SYSTEM, remember this was set in the request call. 
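Review bot: Replacing `log :info, 'Callback phase initiated.'` with `puts` in `callback_call` sends the message straight to stdout, so it no longer passes through the strategy logger and cannot be filtered by level or routed with the rest of the authentication log. If the extra tracing is only for debugging, keep the logger and lower the level: `log :debug, 'Callback phase initiated.'`. The same applies to the `puts` lines added to `callback_phase` in the next hunk. The body of `callback_call` continues past the end of this hunk.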
@@ -104,39 +104,56 @@ module OmniAuth module Strategies OAuth2.class_eval do def callback_phase # rubocop:disable AbcSize, CyclomaticComplexity, MethodLength, PerceivedComplexity - + puts "came to callback phase." + puts "state is:" + puts "in request params:" + puts request.params["state"] + puts "session omniauth state." + puts session["omniauth.state"] + puts "options provider ignores state is:" + puts option.provider_ignores_state + error = request.params["error_reason"] || request.params["error"] + puts "error : #{error}" if error fail!(error, CallbackError.new(request.params["error"], request.params["error_description"] || request.params["error_reason"], request.params["error_uri"])) elsif !options.provider_ignores_state && (request.params["state"].to_s.empty? || request.params["state"] != session.delete("omniauth.state")) #puts "STATE ISSUES." + puts "state is detected." headers = Hash[*env.select {|k,v| k.start_with? 'HTTP_'} .collect {|k,v| [k.sub(/^HTTP_/, ''), v]} .collect {|k,v| [k.split('_').collect(&:capitalize).join('-'), v]} .sort .flatten] + puts "headers accept is:" + puts headers["Accept"] if headers["Accept"] == "application/json" self.access_token = build_access_token self.access_token = access_token.refresh! if access_token.expired? super else #puts "came to csrf detected." fail!(:csrf_detected, CallbackError.new(:csrf_detected, "CSRF detected")) end else #puts "didnt have any initial state issues." + puts "no state" + puts "going to build access token." self.access_token = build_access_token self.access_token = access_token.refresh! if access_token.expired? super end rescue ::OAuth2::Error, CallbackError => e + puts "invalid creds." fail!(:invalid_credentials, e) rescue ::Timeout::Error, ::Errno::ETIMEDOUT => e + puts "timeout." fail!(:timeout, e) rescue ::SocketError => e + puts "socket error." fail!(:failed_to_connect, e) end protected class CallbackError < StandardError
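Review bot: The added `puts option.provider_ignores_state` near the top of `callback_phase` reads `option`, while the condition a few lines below uses `options`. Unless an instance method named `option` is defined elsewhere, this raises NameError, which none of the rescue clauses at the end of the method catch, so every callback would fail before the state check runs. The neighbouring `puts request.params["state"]` and `puts session["omniauth.state"]` also print the anti-CSRF state values to stdout on each login; I would drop them or record only the outcome, e.g. `log :debug, "state matched: #{state_ok}"`, with `state_ok` computed once in the existing comparison. Separately, the unchanged branch that goes on to `build_access_token` when `headers["Accept"] == "application/json"` makes the state check depend on a header the client chooses, which deserves a review of its own.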