Class: OmniAuth::Strategies::LineOauth2

Inherits:
OAuth2
  • Object
show all
Defined in:
lib/omniauth/strategies/oauth2_line.rb

Instance Method Summary collapse

Instance Method Details

#base64url_decode(target) ⇒ Object 



65
66
67
68
69
70
71
72
 
# File 'lib/omniauth/strategies/oauth2_line.rb', line 65

def base64url_decode(target)
   rem = (target.length) % 4
   if (rem > 0)
    target += '=' * (4 - rem)
   end
   return JSON.load(Base64.urlsafe_decode64(target))

end

#callback_phaseObject

host changed



25
26
27
28
 
# File 'lib/omniauth/strategies/oauth2_line.rb', line 25

def callback_phase  
  options[:client_options][:site] = 'https://api.line.me'
  super
end

#callback_urlObject 



16
17
18
19
20
21
22
23
 
# File 'lib/omniauth/strategies/oauth2_line.rb', line 16

def callback_url
  if options.authorization_code_from_signed_request_in_cookie
    ''
  else
    # Fixes regression in omniauth-oauth2 v1.4.0 by https://github.com/intridea/omniauth-oauth2/commit/85fdbe117c2a4400d001a6368cc359d88f40abc7
    options[:callback_url] || (full_host + script_name + callback_path)
  end
end

#email_from_id_tokenObject 



41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
 
# File 'lib/omniauth/strategies/oauth2_line.rb', line 41

def email_from_id_token
   if !options[:skip_jwt] && !access_token['id_token'].nil?
     decoded = ::JWT.decode(access_token['id_token'], nil, false).first
     payload_decoded = base64url_decode(access_token['id_token'].split(".")[1])
     #Rails.logger.info  "JWT decode payload =>" + payload_decoded.to_s
     email = payload_decoded['email']
     # We have to manually verify the claims because the third parameter to
     # JWT.decode is false since no verification key is provided.
     ::JWT::Verify.verify_claims(decoded,
                                 verify_iss: true,
                                 iss: 'https://access.line.me',
                                 verify_aud: true,
                                 aud: options.client_id,
                                 verify_sub: false,
                            #     verify_expiration: true,
                                 verify_not_before: true,
                                 verify_iat: true,
                                 verify_jti: false,
                                 leeway: options[:jwt_leeway])    
    end    
   return email
end

#prune!(hash) ⇒ Object 



74
75
76
77
78
79
 
# File 'lib/omniauth/strategies/oauth2_line.rb', line 74

def prune!(hash)
  hash.delete_if do |_, v|
    prune!(v) if v.is_a?(Hash)
    v.nil? || (v.respond_to?(:empty?) && v.empty?)
  end
end

#raw_infoObject

Require: Access token with PROFILE permission issued.



83
84
85
86
87
 
# File 'lib/omniauth/strategies/oauth2_line.rb', line 83

def raw_info
  @raw_info ||= JSON.load(access_token.get('v2/profile').body)
rescue ::Errno::ETIMEDOUT
  raise ::Timeout::Error
end