Class: OmniAuth::Strategies::HackID

Inherits:

OAuth2

• Object
• OAuth2
• OmniAuth::Strategies::HackID

Defined in:

lib/omniauth/strategies/hackid.rb

Defined Under Namespace

Classes: NoAuthorizationCodeError

Constant Summary

DEFAULT_SCOPE =

'email'

Instance Method Summary

• #access_token_options ⇒ Object
• #authorize_params ⇒ Object

  You can pass display, state or scope params to the auth request, if you need to set them dynamically.

• #build_access_token ⇒ Object
• #callback_url ⇒ Object

  NOTE if we’re using code from the signed request then HackID sets the redirect_uri to ” during the authorize phase + it must match during the access_token phase: github.com/facebook/php-sdk/blob/master/src/base_facebook.php#L348.

• #raw_info ⇒ Object
• #request_phase ⇒ Object
• #signed_request ⇒ Object

  Parse signed request in order, from:.

Instance Method Details

#access_token_options ⇒ Object

# File 'lib/omniauth/strategies/hackid.rb', line 110

def access_token_options
  options.access_token_options.inject({}) { |h,(k,v)| h[k.to_sym] = v; h }
end

#authorize_params ⇒ Object

You can pass display, state or scope params to the auth request, if you need to set them dynamically. You can also set these options in the OmniAuth config :authorize_params option.

/auth/hackid?display=popup&state=ABC

# File 'lib/omniauth/strategies/hackid.rb', line 121

def authorize_params
  super.tap do |params|
    %w[display state scope].each do |v|
      if request.params[v]
        params[v.to_sym] = request.params[v]

        # to support omniauth-oauth2's auto csrf protection
        session['omniauth.state'] = params[:state] if v == 'state'
      end
    end

    params[:scope] ||= DEFAULT_SCOPE
  end
end

#build_access_token ⇒ Object

# File 'lib/omniauth/strategies/hackid.rb', line 59

def build_access_token
  if access_token = request.params["access_token"]
    ::OAuth2::AccessToken.from_hash(
      client, 
      {"access_token" => access_token}.update(access_token_options)
    )
  elsif signed_request_contains_access_token?
    hash = signed_request.clone
    ::OAuth2::AccessToken.new(
      client,
      hash.delete('oauth_token'),
      hash.merge!(access_token_options.merge(:expires_at => hash.delete('expires')))
    )
  else
    with_authorization_code! { super }.tap do |token|
      token.options.merge!(access_token_options)
    end
  end
end

#callback_url ⇒ Object

NOTE if we’re using code from the signed request then HackID sets the redirect_uri to ” during the authorize phase + it must match during the access_token phase: github.com/facebook/php-sdk/blob/master/src/base_facebook.php#L348

# File 'lib/omniauth/strategies/hackid.rb', line 102

def callback_url
  if @authorization_code_from_signed_request
    ''
  else
    options[:callback_url] || super
  end
end

#raw_info ⇒ Object

# File 'lib/omniauth/strategies/hackid.rb', line 55

def raw_info
  @raw_info ||= access_token.get('/me').parsed || {}
end

#request_phase ⇒ Object

# File 'lib/omniauth/strategies/hackid.rb', line 79

def request_phase
  if signed_request_contains_access_token?
    # if we already have an access token, we can just hit the
    # callback URL directly and pass the signed request along
    params = { :signed_request => raw_signed_request }
    params[:state] = request.params['state'] if request.params['state']
    query = Rack::Utils.build_query(params)

    url = callback_url
    url << "?" unless url.match(/\?/)
    url << "&" unless url.match(/[\&\?]$/)
    url << query

    redirect url
  else
    super
  end
end

#signed_request ⇒ Object

Parse signed request in order, from:

1. the request ‘signed_request’ param (server-side flow from canvas pages) or

2. a cookie (client-side flow via JS SDK)

# File 'lib/omniauth/strategies/hackid.rb', line 142

def signed_request
  @signed_request ||= raw_signed_request &&
    parse_signed_request(raw_signed_request)
end