class OAuth2::Strategy::AuthCode

The Authorization Code Strategy

@see datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-15#section-4.1

Public Instance Methods

authorize_params(params = {})

The required query parameters for the authorize URL

@param [Hash] params additional query parameters

# File lib/oauth2/strategy/auth_code.rb, line 12
# Builds the query parameters required for the authorize URL.
#
# The fixed entries ('response_type' => 'code' and the client's id) are merged
# last, so a caller-supplied string key of the same name is overwritten here.
# Keys are matched exactly: a Symbol key such as :client_id is left in place
# next to the string 'client_id'.
#
# @param [Hash] params additional query parameters
# @return [Hash] a new hash; the argument itself is not modified
def authorize_params(params = {})
  required = {
    'response_type' => 'code',
    'client_id' => @client.id,
  }
  params.merge(required)
end
authorize_url(params = {})

The authorization URL endpoint of the provider

@param [Hash] params additional query parameters for the URL

# File lib/oauth2/strategy/auth_code.rb, line 19
# Returns the provider's authorization URL for this client.
#
# The caller's params are checked by assert_valid_params first, which rejects
# a client_secret entry. They are then merged over the defaults from
# authorize_params, so a caller-supplied 'response_type' or 'client_id'
# replaces the default value.
#
# NOTE(review): only response_type and client_id are added here. No `state`
# value is generated, so a caller that wants CSRF protection on the redirect
# (RFC 6749 section 10.12) has to pass one in params and verify it when the
# provider redirects back.
#
# @param [Hash] params additional query parameters for the URL
# @raise [ArgumentError] when params contains client_secret
# @return whatever @client.authorize_url returns for the merged parameters
def authorize_url(params = {})
  assert_valid_params(params)
  query = authorize_params.merge(params)
  @client.authorize_url(query)
end
get_token(code, params = {}, opts = {})

Retrieve an access token given the specified validation code.

@param [String] code The Authorization Code value
@param [Hash] params additional params
@param [Hash] opts access_token_opts, @see Client#get_token
@note that you must also provide a :redirect_uri with most OAuth 2.0 providers

# File lib/oauth2/strategy/auth_code.rb, line 30
# Exchanges an authorization code for an access token through the client.
#
# The request parameters are built in three layers, later layers winning:
# the grant defaults ('grant_type' and 'code'), then
# @client.redirection_params, then the caller's params. Symbol keys are then
# converted to strings. When the same name is present as both a Symbol and a
# String, the Symbol entry's value is the one that is kept.
#
# NOTE(review): because the caller's params are merged last, they can replace
# 'grant_type', 'code' and the redirection parameters. Pass only values the
# application controls, not a raw request parameter hash.
#
# @param [String] code The Authorization Code value
# @param [Hash] params additional params
# @param [Hash] opts access_token_opts, @see Client#get_token
# @note that you must also provide a :redirect_uri with most OAuth 2.0 providers
def get_token(code, params = {}, opts = {})
  grant = {'grant_type' => 'authorization_code', 'code' => code}
  merged = grant.merge(@client.redirection_params).merge(params)

  # Work on a copy so the hash being walked is never modified.
  request_params = merged.dup
  merged.keys.grep(Symbol).each do |sym|
    request_params[sym.to_s] = request_params.delete(sym)
  end

  @client.get_token(request_params, opts)
end

Private Instance Methods

assert_valid_params(params)
# File lib/oauth2/strategy/auth_code.rb, line 42
# Rejects parameter hashes that would put the client secret into the
# authorize URL's query string.
#
# Only the exact keys :client_secret and 'client_secret' are checked. Other
# spellings and nested values are not inspected.
#
# @param [Hash] params caller-supplied query parameters
# @raise [ArgumentError] when either form of the client_secret key is present
# @return [nil] when the parameters are acceptable
def assert_valid_params(params)
  has_secret = [:client_secret, 'client_secret'].any? { |name| params.key?(name) }
  return unless has_secret

  raise ArgumentError, 'client_secret is not allowed in authorize URL query params'
end