Class: OAuth2::Strategy::Implicit

Inherits:

Base

Object
Base
OAuth2::Strategy::Implicit

show all

Defined in:: lib/oauth2/strategy/implicit.rb

Overview

The Implicit Strategy

IMPORTANT (OAuth 2.1): The Implicit grant (response_type=token) is omitted from the OAuth 2.1 draft specification. It remains here for backward compatibility with OAuth 2.0 providers. Prefer the Authorization Code flow with PKCE.

References:

OAuth 2.1 draft: datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-13
Why drop implicit: aaronparecki.com/2019/12/12/21/its-time-for-oauth-2-dot-1
Background: fusionauth.io/learn/expert-advice/oauth/differences-between-oauth-2-oauth-2-1/

Instance Method Summary collapse

#authorize_params(params = {}) ⇒ Object

The required query parameters for the authorize URL.
#authorize_url(params = {}) ⇒ Object

The authorization URL endpoint of the provider.
#get_token ⇒ Object

Not used for this strategy.

Methods inherited from Base

#initialize

Constructor Details

This class inherits a constructor from OAuth2::Strategy::Base

Instance Method Details

#authorize_params(params = {}) ⇒ `Object`

The required query parameters for the authorize URL

Parameters:

params (Hash) (defaults to: {}) —

additional query parameters



20
21
22

# File 'lib/oauth2/strategy/implicit.rb', line 20

def authorize_params(params = {})
  params.merge("response_type" => "token", "client_id" => @client.id)
end

#authorize_url(params = {}) ⇒ `Object`

The authorization URL endpoint of the provider

Parameters:

params (Hash) (defaults to: {}) —

additional query parameters for the URL

# File 'lib/oauth2/strategy/implicit.rb', line 27

def authorize_url(params = {})
  assert_valid_params(params)
  @client.authorize_url(authorize_params.merge(params))
end

#get_token ⇒ `Object`

Not used for this strategy

Raises:

(NotImplementedError)



35
36
37

# File 'lib/oauth2/strategy/implicit.rb', line 35

def get_token(*)
  raise(NotImplementedError, "The token is accessed differently in this strategy")
end