Class: OAuth2::Client

Inherits:

Object

• Object
• OAuth2::Client

Defined in:

lib/oauth2/client.rb

Overview

The OAuth2::Client class

Constant Summary

RESERVED_PARAM_KEYS =

rubocop:disable Metrics/ClassLength

%w[headers parse].freeze

DEFAULT_EXTRACT_ACCESS_TOKEN =

proc do |client, hash|
  token = hash.delete('access_token') || hash.delete(:access_token)
  token && AccessToken.new(client, token, hash)
end

Instance Attribute Summary

• #connection ⇒ Object

  The Faraday connection object.

• #id ⇒ Object readonly

  Returns the value of attribute id.

• #options ⇒ Object

  Returns the value of attribute options.

• #secret ⇒ Object readonly

  Returns the value of attribute secret.

• #site ⇒ Object

  Returns the value of attribute site.

Instance Method Summary

• #assertion ⇒ Object
• #auth_code ⇒ Object

  The Authorization Code strategy.

• #authorize_url(params = {}) ⇒ Object

  The authorize endpoint URL of the OAuth2 provider.

• #client_credentials ⇒ Object

  The Client Credentials strategy.

• #get_token(params, access_token_opts = {}, extract_access_token = ) ⇒ AccessToken

  Initializes an AccessToken by making a request to the token endpoint.

• #implicit ⇒ Object

  The Implicit strategy.

• #initialize(client_id, client_secret, options = {}) {|builder| ... } ⇒ Client constructor

  Instantiate a new OAuth 2.0 client using the Client ID and Client Secret registered to your application.

• #password ⇒ Object

  The Resource Owner Password Credentials strategy.

• #redirection_params ⇒ Hash

  The redirect_uri parameters, if configured.

• #request(verb, url, opts = {}) {|req| ... } ⇒ Object

  Makes a request relative to the specified site root.

• #token_url(params = nil) ⇒ Object

  The token endpoint URL of the OAuth2 provider.

Constructor Details

#initialize(client_id, client_secret, options = {}) {|builder| ... } ⇒ Client

Instantiate a new OAuth 2.0 client using the Client ID and Client Secret registered to your application.

Parameters:

• client_id (String) —

  the client_id value

• client_secret (String) —

  the client_secret value

• opts (Hash) —

  the options to create the client with

Yields:

• (builder) —

  The Faraday connection builder

# File 'lib/oauth2/client.rb', line 31

def initialize(client_id, client_secret, options = {}, &block)
  opts = options.dup
  @id = client_id
  @secret = client_secret
  @site = opts.delete(:site)
  ssl = opts.delete(:ssl)

  @options = {
    :authorize_url => '/oauth/authorize',
    :token_url => '/oauth/token',
    :token_method => :post,
    :auth_scheme => :request_body,
    :connection_opts => {},
    :connection_build => block,
    :max_redirects => 5,
    :raise_errors => true,
    :extract_access_token => DEFAULT_EXTRACT_ACCESS_TOKEN,
  }.merge(opts)
  @options[:connection_opts][:ssl] = ssl if ssl
end

Instance Attribute Details

#connection ⇒ Object

The Faraday connection object

# File 'lib/oauth2/client.rb', line 61

def connection
  @connection ||=
    Faraday.new(site, options[:connection_opts]) do |builder|
      if options[:connection_build]
        options[:connection_build].call(builder)
      end
    end
end

#id ⇒ Object (readonly)

Returns the value of attribute id.

# File 'lib/oauth2/client.rb', line 9

def id
  @id
end

#options ⇒ Object

Returns the value of attribute options.

# File 'lib/oauth2/client.rb', line 10

def options
  @options
end

#secret ⇒ Object (readonly)

Returns the value of attribute secret.

# File 'lib/oauth2/client.rb', line 9

def secret
  @secret
end

#site ⇒ Object

Returns the value of attribute site.

# File 'lib/oauth2/client.rb', line 9

def site
  @site
end

Instance Method Details

#assertion ⇒ Object

# File 'lib/oauth2/client.rb', line 204

def assertion
  @assertion ||= OAuth2::Strategy::Assertion.new(self)
end

#auth_code ⇒ Object

The Authorization Code strategy

See Also:

• http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.1

# File 'lib/oauth2/client.rb', line 179

def auth_code
  @auth_code ||= OAuth2::Strategy::AuthCode.new(self)
end

#authorize_url(params = {}) ⇒ Object

The authorize endpoint URL of the OAuth2 provider

Parameters:

• params (Hash) (defaults to: {}) —

  additional query parameters

# File 'lib/oauth2/client.rb', line 73

def authorize_url(params = {})
  params = (params || {}).merge(redirection_params)
  connection.build_url(options[:authorize_url], params).to_s
end

#client_credentials ⇒ Object

The Client Credentials strategy

See Also:

• http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.4

# File 'lib/oauth2/client.rb', line 200

def client_credentials
  @client_credentials ||= OAuth2::Strategy::ClientCredentials.new(self)
end

#get_token(params, access_token_opts = {}, extract_access_token = ) ⇒ AccessToken

Initializes an AccessToken by making a request to the token endpoint

Parameters:

• params (Hash) —

  a Hash of params for the token endpoint

• access (Hash) —

  token options, to pass to the AccessToken object

• class (Class) —

  of access token for easier subclassing OAuth2::AccessToken

Returns:

• (AccessToken) —

  the initialized AccessToken

# File 'lib/oauth2/client.rb', line 140

def get_token(params, access_token_opts = {}, extract_access_token = options[:extract_access_token]) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
  params = params.map do |key, value|
    if RESERVED_PARAM_KEYS.include?(key)
      [key.to_sym, value]
    else
      [key, value]
    end
  end
  params = Hash[params]

  params = Authenticator.new(id, secret, options[:auth_scheme]).apply(params)
  opts = {:raise_errors => options[:raise_errors], :parse => params.delete(:parse)}
  headers = params.delete(:headers) || {}
  if options[:token_method] == :post
    opts[:body] = params
    opts[:headers] = {'Content-Type' => 'application/x-www-form-urlencoded'}
  else
    opts[:params] = params
    opts[:headers] = {}
  end
  opts[:headers].merge!(headers)
  response = request(options[:token_method], token_url, opts)

  access_token = begin
    build_access_token(response, access_token_opts, extract_access_token)
  rescue StandardError
    nil
  end

  if options[:raise_errors] && !access_token
    error = Error.new(response)
    raise(error)
  end
  access_token
end

#implicit ⇒ Object

The Implicit strategy

See Also:

• http://tools.ietf.org/html/draft-ietf-oauth-v2-26#section-4.2

# File 'lib/oauth2/client.rb', line 186

def implicit
  @implicit ||= OAuth2::Strategy::Implicit.new(self)
end

#password ⇒ Object

The Resource Owner Password Credentials strategy

See Also:

• http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.3

# File 'lib/oauth2/client.rb', line 193

def password
  @password ||= OAuth2::Strategy::Password.new(self)
end

#redirection_params ⇒ Hash

The redirect_uri parameters, if configured

The redirect_uri query parameter is OPTIONAL (though encouraged) when requesting authorization. If it is provided at authorization time it MUST also be provided with the token exchange request.

Providing the :redirect_uri to the OAuth2::Client instantiation will take care of managing this.

Returns:

• (Hash) —

  the params to add to a request or URL

See Also:

• https://tools.ietf.org/html/rfc6749#section-4.1
• https://tools.ietf.org/html/rfc6749#section-4.1.3
• https://tools.ietf.org/html/rfc6749#section-4.2.1
• https://tools.ietf.org/html/rfc6749#section-10.6

# File 'lib/oauth2/client.rb', line 224

def redirection_params
  if options[:redirect_uri]
    {'redirect_uri' => options[:redirect_uri]}
  else
    {}
  end
end

#request(verb, url, opts = {}) {|req| ... } ⇒ Object

Makes a request relative to the specified site root.

Parameters:

• verb (Symbol) —

  one of :get, :post, :put, :delete

• url (String) —

  URL path of request

• opts (Hash) (defaults to: {}) —

  the options to make the request with

Options Hash (opts):

• :params (Hash) —

  additional query parameters for the URL of the request

• :body (Hash, String) —

  the body of the request

• :headers (Hash) —

  http request headers

• :raise_errors (Boolean) —

  whether or not to raise an OAuth2::Error on 400+ status code response for this request. Will default to client option

• :parse (Symbol) —

  @see Response::initialize

Yields:

• (req) —

  The Faraday request

# File 'lib/oauth2/client.rb', line 97

def request(verb, url, opts = {}) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
  connection.response :logger, ::Logger.new($stdout) if ENV['OAUTH_DEBUG'] == 'true'

  url = connection.build_url(url).to_s

  response = connection.run_request(verb, url, opts[:body], opts[:headers]) do |req|
    req.params.update(opts[:params]) if opts[:params]
    yield(req) if block_given?
  end
  response = Response.new(response, :parse => opts[:parse])

  case response.status
  when 301, 302, 303, 307
    opts[:redirect_count] ||= 0
    opts[:redirect_count] += 1
    return response if opts[:redirect_count] > options[:max_redirects]

    if response.status == 303
      verb = :get
      opts.delete(:body)
    end
    request(verb, response.headers['location'], opts)
  when 200..299, 300..399
    # on non-redirecting 3xx statuses, just return the response
    response
  when 400..599
    error = Error.new(response)
    raise(error) if opts.fetch(:raise_errors, options[:raise_errors])

    response.error = error
    response
  else
    error = Error.new(response)
    raise(error, "Unhandled status code value of #{response.status}")
  end
end

#token_url(params = nil) ⇒ Object

The token endpoint URL of the OAuth2 provider

Parameters:

• params (Hash) (defaults to: nil) —

  additional query parameters

# File 'lib/oauth2/client.rb', line 81

def token_url(params = nil)
  connection.build_url(options[:token_url], params).to_s
end