class OAuth2::Strategy::Assertion
@see tools.ietf.org/html/draft-ietf-oauth-v2-10#section-4.1.3
Sample usage:
client = OAuth2::Client.new(client_id, client_secret, :site => 'http://localhost:8080') params = {:hmac_secret => "some secret", # or :private_key => "private key string", :iss => "http://localhost:3001", :prn => "me@here.com", :exp => Time.now.utc.to_i + 3600} access = client.assertion.get_token(params) access.token # actual access_token string access.get("/api/stuff") # making api calls with access token in header
@see tools.ietf.org/html/draft-ietf-oauth-v2-10#section-4.1.3
Sample usage:
client = OAuth2::Client.new(client_id, client_secret, :site => 'http://localhost:8080') params = {:hmac_secret => "some secret", # or :private_key => "private key string", :iss => "http://localhost:3001", :prn => "me@here.com", :exp => Time.now.utc.to_i + 3600} access = client.assertion.get_token(params) access.token # actual access_token string access.get("/api/stuff") # making api calls with access token in header
Public Instance Methods
build_assertion(params)
click to toggle source
# File lib/oauth2-cocoa/strategy/assertion.rb, line 22 def build_assertion(params) claims = { iss: params[:iss], aud: params[:aud], prn: params[:prn], exp: params[:exp] } if params[:hmac_secret] CocoaSecurity.hmacSha256(claims.to_s, hmacKey: params[:hmac_secret]).hex elsif params[:private_key] CocoaSecurity.hmacSha256(claims.to_s, hmacKey: params[:private_key]).hex end end
build_request(params)
click to toggle source
# File lib/oauth2/strategy/assertion.rb, line 48 def build_request(params) assertion = build_assertion(params) { grant_type: "assertion", assertion_type: "urn:ietf:params:oauth:grant-type:jwt-bearer", assertion: assertion, scope: params[:scope] }.merge(client_params) end
get_token(params = {}, opts = {})
click to toggle source
Retrieve an access token given the specified client.
@param [Hash] params assertion params pass either :hmac_secret or :private_key, but not both.
params :hmac_secret, secret string. params :private_key, private key string. params :iss, issuer params :aud, audience, optional params :prn, principal, current user params :exp, expired at, in seconds, like Time.now.utc.to_i + 3600
@param [Hash] opts options
# File lib/oauth2/strategy/assertion.rb, line 43 def get_token(params = {}, opts = {}) hash = build_request(params) @client.get_token(hash, opts.merge("refresh_token" => nil)) end