Class: OmniAuth::Strategies::PracticeFusion
- Inherits: OAuth2
  - Object
  - OAuth2
  - OmniAuth::Strategies::PracticeFusion
- Defined in: lib/omniauth/strategies/practicefusion.rb
Instance Method Summary
- #authorize_params ⇒ Object
  Adds the ‘authCookie’ parameter to the outbound request. The ‘state’ parameter becomes a JWT of the session, signed with the client secret (JWT.encode signs the payload; it does not encrypt it).
- #callback_phase ⇒ Object
  Overrides callback_phase so we can validate the state token signature.
- #callback_url ⇒ Object
  Overrides callback_url so we don’t include query parameters. See github.com/intridea/omniauth-oauth2/issues/81 for more details.
- #raw_info ⇒ Object
- #session ⇒ Object
  Instead of using the session store, just collect into a hash.
- #session=(obj) ⇒ Object
Instance Method Details
#authorize_params ⇒ Object
Adds the ‘authCookie’ parameter to the outbound request. The ‘state’ parameter becomes a JWT of the session, signed with the client secret (JWT.encode signs the payload; it does not encrypt it).

    # File 'lib/omniauth/strategies/practicefusion.rb', line 64
    def authorize_params
      super.merge(session['omniauth.params'].slice('authCookie')).tap do |authz_params|
        # so omniauth decided (in their infinite wisdom) that instead of setting the
        # omniauth.origin parameter using their session method, they were gonna access
        # env['rack.session'] directly, so we need to pull that out into the session
        session['omniauth.origin'] = env['rack.session']['omniauth.origin']
        # assumption: `options` (the omniauth-oauth2 strategy options) is the
        # receiver of client_secret
        authz_params[:state] = JWT.encode(session, options.client_secret)
      end
    end
#callback_phase ⇒ Object
override the callback_phase so we can validate the state token signature
    # File 'lib/omniauth/strategies/practicefusion.rb', line 75
    def callback_phase
      # If decode_state_parameter returns the correct state token, then
      #   request.params['state'] == session['omniauth.state']
      # which passes the CSRF check of omniauth-oauth2
      # If decode_state_parameter returns nil, then this is true:
      #   request.params['state'].to_s.empty?
      # which fails the CSRF check of omniauth-oauth2
      request.params['state'] = decode_state_parameter

      # omniauth sets the environment up _before_ the callback_phase
      # begins, but we need to set it up after we've decoded the session
      @env['omniauth.origin'] = session.delete('omniauth.origin')
      @env['omniauth.origin'] = nil if env['omniauth.origin'] == ''
      @env['omniauth.params'] = session.delete('omniauth.params')

      # And now back to our regularly scheduled program
      super
    end
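The signed state round trip that #authorize_params and #callback_phase describe, as an added example that is not code from this gem: it builds an HS256 token with the Ruby standard library instead of the jwt gem, shows that the session payload is readable without the secret, and returns nil for a token that fails verification, which is the outcome the callback_phase comments rely on. StateToken, its methods and the sample values are hypothetical.

```ruby
require 'openssl'
require 'json'
# Hypothetical helper, not part of lib/omniauth/strategies/practicefusion.rb.
module StateToken
  HEADER = { 'alg' => 'HS256', 'typ' => 'JWT' }.freeze

  def self.b64(data)
    [data].pack('m0').tr('+/', '-_').delete('=')
  end
  def self.unb64(text)
    text.tr('-_', '+/').unpack1('m').force_encoding('UTF-8')
  end

  def self.sign(input, secret)
    b64(OpenSSL::HMAC.digest('SHA256', secret, input))
  end

  # header.payload.signature, the layout of an HS256 JWT.
  def self.encode(session, secret)
    input = [HEADER, session].map { |part| b64(JSON.generate(part)) }.join('.')
    "#{input}.#{sign(input, secret)}"
  end

  # What any holder of the token can read without the secret.
  def self.peek(token)
    JSON.parse(unb64(token.split('.')[1]))
  end

  # Returns the session hash, or nil when the token does not verify.
  def self.decode(token, secret)
    header, payload, sig = token.to_s.split('.')
    return nil unless header && payload && sig
    return nil unless JSON.parse(unb64(header))['alg'] == 'HS256' # pin the algorithm
    return nil unless secure_eq?(sign("#{header}.#{payload}", secret), sig)
    JSON.parse(unb64(payload))
  rescue StandardError
    nil # fail closed on malformed input
  end

  def self.secure_eq?(a, b) # constant-time string comparison
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

SECRET  = 'constructed-client-secret' # constructed sample values
SESSION = { 'omniauth.state' => 'abc123', 'omniauth.params' => { 'authCookie' => 'constructed' } }.freeze
TOKEN   = StateToken.encode(SESSION, SECRET)
```

Because StateToken.peek recovers the whole session from the token alone, anything placed in the session hash, including the ‘authCookie’ value, is visible to whoever sees the state parameter in the redirect URL.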
#callback_url ⇒ Object
Overrides callback_url so we don’t include query parameters. See github.com/intridea/omniauth-oauth2/issues/81 for more details.

    # File 'lib/omniauth/strategies/practicefusion.rb', line 54
    def callback_url
      full_host + script_name + callback_path
    end
#raw_info ⇒ Object
    # File 'lib/omniauth/strategies/practicefusion.rb', line 58
    def raw_info
      @raw_info ||= access_token.get('/ehr/v1/users/me').parsed
    end
#session ⇒ Object
instead of using the session store, just collect into a hash
    # File 'lib/omniauth/strategies/practicefusion.rb', line 96
    def session
      @fake_session ||= {}
    end
#session=(obj) ⇒ Object
    # File 'lib/omniauth/strategies/practicefusion.rb', line 100
    def session=(obj)
      @fake_session = obj
    end