class OAuth2::Strategy::AuthCode
@see datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-15#section-4.1<br><br>The Authorization Code Strategy
def assert_valid_params(params)
def assert_valid_params(params) raise(ArgumentError, 'client_secret is not allowed in authorize URL query params') if params.key?(:client_secret) || params.key?('client_secret') end
def authorize_params(params = {})
-
params(Hash) -- additional query parameters
def authorize_params(params = {}) params.merge('response_type' => 'code', 'client_id' => @client.id) end
def authorize_url(params = {})
-
params(Hash) -- additional query parameters for the URL
def authorize_url(params = {}) assert_valid_params(params) @client.authorize_url(authorize_params.merge(params)) end
def get_token(code, params = {}, opts = {})
- Note: - that you must also provide a :redirect_uri with most OAuth 2.0 providers
Parameters:
-
opts(Hash) -- access_token_opts, @see Client#get_token -
params(Hash) -- additional params -
code(String) -- The Authorization Code value
def get_token(code, params = {}, opts = {}) params = {'grant_type' => 'authorization_code', 'code' => code}.merge(@client.redirection_params).merge(params) params_dup = params.dup params.each_key do |key| params_dup[key.to_s] = params_dup.delete(key) if key.is_a?(Symbol) end @client.get_token(params_dup, opts) end