class Omniauth::Strategies::Gov
def authorize_params # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
def authorize_params # rubocop:disable Metrics/AbcSize, Metrics/MethodLength options.authorize_params[:state] = SecureRandom.hex(24) options.authorize_params[:client_id] = options[:client_id] options.authorize_params[:scope] = options[:scope] options.authorize_params[:response_type] = 'code' options.authorize_params[:nonce] = SecureRandom.hex[0..11] params = options.authorize_params .merge(options_for("authorize")) .merge(pkce_authorize_params) session["omniauth.pkce.verifier"] = options.pkce_verifier if options.pkce session["omniauth.state"] = params[:state] params end
def build_access_token
def build_access_token verifier = request.params["code"] atoken = client.auth_code.get_token( verifier, {"grant_type": "authorization_code", "code": verifier, "redirect_uri": OmniAuth.config.full_host+options.callback_path, "code_verifier": session["omniauth.pkce.verifier"]}, {"Content-Type" => "application/x-www-form-urlencoded", "Authorization" => "Basic #{Base64.strict_encode64(Settings.reload!.omniauth.client_id+":"+Settings.reload!.omniauth.client_secret)}" }) atoken end
def prune!(hash)
def prune!(hash) hash.delete_if do |_, value| prune!(value) if value.is_a?(Hash) value.nil? || (value.respond_to?(:empty?) && value.empty?) end end
def raw_info
def raw_info @raw_info ||= JWT.decode(credentials["id_token"], nil, false)[0] end