class Box::Authorization
Public Class Methods
authorize(config = {})
click to toggle source
# File lib/box/authorization.rb, line 5 def self.authorize(config = {}) username, password = config[:username], config[:password] raise "Unable to get auth tokens without username and password" unless username && password require 'mechanize' Box.log '... attempting to authorize with username and password' client_id, client_secret = config[:client_id], config[:client_secret] agent = Mechanize::new session = Session.new(config) # Get the authorization URL from Box by specifying redirect URL # as the arbitrary but working Chase bank home page - this must match the address at Box # authorize_url = box_session.authorize_url('https://anywhere.airdye.com/oauth2callback') authorize_url = session.authorize_url(redirect_uri: 'https://www.chase.com') # process the first login screen login_page = agent.get(authorize_url) # get the login form where you enter the username and password login_form = login_page.form_with(name: 'login_form') login_form.login = username login_form.password = password # submit the form and get the allow/deny page back allow_page = agent.submit(login_form) # find the form that allows consent consent_form = allow_page.form_with(name: 'consent_form') # now find the button that submits the allow page with consent accept_button = consent_form.button_with(name: 'consent_accept') # Submit the form to cause the redirection with authentication code redirpage = agent.submit(consent_form, accept_button) # Use the CGI module to get a hash of the variables (stuff after ?) # and then the authentication code is embedded in [" and "] so # strip those code_query = CGI::parse(redirpage.uri.query)['code'].to_s code = code_query[2,code_query.length-4] # get the box access token using the authentication code session.aquire_access_token(code) # print the tokens to show we have them p session.access_token p session.refresh_token Box::Session.on_token_refresh.call(session.access_token, session.refresh_token) # Create a new Box client based on the authenticated session # ap Box.client.root.items return session.oauth2_access_token end