Client Obtain Token
nov edited this page Oct 3, 2014 · 17 revisions
OAuth 2.0 defines several flows to obtain access tokens. (For more details, please consult RFC 6749.)
rack-oauth2 runs each flow as follows:
- set the grant (how the grant is set differs in each flow)
- call client.access_token!
Code Flow would be the most basic flow to get an access token for server-side apps.
# Authorization Request
authorization_uri = client.authorization_uri(
scope: [:profile, :email]
)
`open "#{authorization_uri}"`
# Authorization Response
puts "# Authorization Code"
code = gets.strip
# Token Request
client.authorization_code = code
client.access_token! # => Rack::OAuth2::AccessTokens subclass
rack-oauth2 uses the Authorization header for Client Authentication by default.
If your OAuth server doesn't support Basic Auth for Client Authentication and requires client_secret in the request body, do
client.access_token! :body
Client Credentials Flow doesn't require any user interaction.
Moreover, since you already set client_secret at client initialization, you don't need to set any grant here.
Just call client.access_token!.
client.access_token! # => Rack::OAuth2::AccessTokens subclass
In this flow, your client needs to obtain the end-user's username & password directly.
The way to obtain them is up to you.
client.resource_owner_credentials = 'username', 'password'
client.access_token! # => Rack::OAuth2::AccessTokens subclass
client.refresh_token = '02e27f838b6e378eb1259...'
client.access_token! # => Rack::OAuth2::AccessTokens subclass
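The token requests described above, as they look on the wire under RFC 6749 for each grant and for both client authentication placements (Authorization header versus request body). This is an added example written with the Ruby standard library only; it is not rack-oauth2's code, and the helper names grant_params and token_request and all sample values are assumptions made for illustration.

```ruby
require 'uri'

# Grant parameters defined by RFC 6749 for the four flows on this page.
def grant_params(grant, values = {})
  case grant
  when :authorization_code
    # redirect_uri is only sent when it was part of the authorization request.
    { grant_type: 'authorization_code', code: values.fetch(:code),
      redirect_uri: values[:redirect_uri] }.compact
  when :client_credentials
    { grant_type: 'client_credentials' }
  when :password
    { grant_type: 'password', username: values.fetch(:username),
      password: values.fetch(:password) }
  when :refresh_token
    { grant_type: 'refresh_token', refresh_token: values.fetch(:refresh_token) }
  else
    raise ArgumentError, "unknown grant: #{grant.inspect}"
  end
end

# Builds { headers:, body: } for a token request without sending it.
def token_request(client_id, client_secret, params, auth_method = :basic)
  headers = { 'Content-Type' => 'application/x-www-form-urlencoded' }
  params = params.dup
  case auth_method
  when :basic
    # RFC 6749 2.3.1: form-encode id and secret, join with ":", then Base64.
    pair = [client_id, client_secret]
           .map { |v| URI.encode_www_form_component(v) }.join(':')
    headers['Authorization'] = "Basic #{[pair].pack('m0')}" # m0 = no newlines
  when :body
    # The secret travels in the form body, so anything that records request
    # bodies (proxies, debug logs) will also record the secret.
    params[:client_id] = client_id
    params[:client_secret] = client_secret
  else
    raise ArgumentError, "unknown client auth method: #{auth_method.inspect}"
  end
  { headers: headers, body: URI.encode_www_form(params) }
end

# Constructed sample credentials; the secret has characters that need encoding.
CLIENT_ID = 'client-123'
CLIENT_SECRET = 's3cr:t/+ value'
in_header = token_request(CLIENT_ID, CLIENT_SECRET, grant_params(:client_credentials))
in_body = token_request(CLIENT_ID, CLIENT_SECRET,
                        grant_params(:refresh_token, refresh_token: 'constructed-token'), :body)
puts in_header[:headers]['Authorization'], in_header[:body], in_body[:body]
```

RFC 6749 section 2.3.1 states that sending client credentials in the request body is NOT RECOMMENDED and should be limited to clients that cannot use HTTP Basic, so the body form is best kept for servers that require it.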