66 | 66 |
{ :params => params }
|
67 | 67 |
end
|
68 | 68 |
|
|
69 |
def callback_phase
|
|
70 |
super
|
|
71 |
rescue NoAuthorizationCodeError => e
|
|
72 |
fail!(:no_authorization_code, e)
|
|
73 |
rescue UnknownSignatureAlgorithmError => e
|
|
74 |
fail!(:unknown_signature_algoruthm, e)
|
|
75 |
end
|
|
76 |
|
|
77 |
def request_phase
|
|
78 |
if signed_request_contains_access_token?
|
|
79 |
# if we already have an access token, we can just hit the
|
|
80 |
# callback URL directly and pass the signed request along
|
|
81 |
params = { :signed_request => raw_signed_request }
|
|
82 |
query = Rack::Utils.build_query(params)
|
|
83 |
|
|
84 |
url = callback_url
|
|
85 |
url << "?" unless url.match(/\?/)
|
|
86 |
url << "&" unless url.match(/[\&\?]$/)
|
|
87 |
url << query
|
|
88 |
|
|
89 |
redirect url
|
|
90 |
else
|
|
91 |
super
|
|
92 |
end
|
|
93 |
end
|
|
94 |
|
|
95 |
# NOTE if we're using code from the signed request
|
|
96 |
# then FB sets the redirect_uri to '' during the authorize
|
|
97 |
# phase + it must match during the access_token phase:
|
|
98 |
# https://github.com/facebook/php-sdk/blob/master/src/base_facebook.php#L348
|
|
99 |
def callback_url
|
|
100 |
if @authorization_code_from_signed_request
|
|
101 |
''
|
|
102 |
else
|
|
103 |
options[:callback_url] || super
|
|
104 |
end
|
|
105 |
end
|
|
106 |
|
|
107 |
def access_token_options
|
|
108 |
options.access_token_options.inject({}) { |h,(k,v)| h[k.to_sym] = v; h }
|
|
109 |
end
|
|
110 |
|
|
111 |
##
|
|
112 |
# You can pass +display+, +scope+, or +auth_type+ params to the auth request, if
|
|
113 |
# you need to set them dynamically. You can also set these options
|
|
114 |
# in the OmniAuth config :authorize_params option.
|
|
115 |
#
|
|
116 |
# /auth/facebook?display=popup
|
|
117 |
#
|
|
118 |
def authorize_params
|
|
119 |
super.tap do |params|
|
|
120 |
%w[display scope auth_type].each do |v|
|
|
121 |
if request.params[v]
|
|
122 |
params[v.to_sym] = request.params[v]
|
|
123 |
end
|
|
124 |
end
|
|
125 |
|
|
126 |
params[:scope] ||= DEFAULT_SCOPE
|
|
127 |
end
|
|
128 |
end
|
|
129 |
|
|
130 |
##
|
|
131 |
# Parse signed request in order, from:
|
|
132 |
#
|
|
133 |
# 1. the request 'signed_request' param (server-side flow from canvas pages) or
|
|
134 |
# 2. a cookie (client-side flow via JS SDK)
|
|
135 |
#
|
|
136 |
def signed_request
|
|
137 |
@signed_request ||= raw_signed_request &&
|
|
138 |
parse_signed_request(raw_signed_request)
|
|
139 |
end
|
|
140 |
|
|
141 |
protected
|
|
142 |
|
69 | 143 |
def build_access_token
|
70 | 144 |
if signed_request_contains_access_token?
|
71 | 145 |
hash = signed_request.clone
|
|
79 | 153 |
token.options.merge!(access_token_options)
|
80 | 154 |
end
|
81 | 155 |
end
|
82 | |
end
|
83 | |
|
84 | |
def callback_phase
|
85 | |
super
|
86 | |
rescue NoAuthorizationCodeError => e
|
87 | |
fail!(:no_authorization_code, e)
|
88 | |
rescue UnknownSignatureAlgorithmError => e
|
89 | |
fail!(:unknown_signature_algoruthm, e)
|
90 | |
end
|
91 | |
|
92 | |
def request_phase
|
93 | |
if signed_request_contains_access_token?
|
94 | |
# if we already have an access token, we can just hit the
|
95 | |
# callback URL directly and pass the signed request along
|
96 | |
params = { :signed_request => raw_signed_request }
|
97 | |
query = Rack::Utils.build_query(params)
|
98 | |
|
99 | |
url = callback_url
|
100 | |
url << "?" unless url.match(/\?/)
|
101 | |
url << "&" unless url.match(/[\&\?]$/)
|
102 | |
url << query
|
103 | |
|
104 | |
redirect url
|
105 | |
else
|
106 | |
super
|
107 | |
end
|
108 | |
end
|
109 | |
|
110 | |
# NOTE if we're using code from the signed request
|
111 | |
# then FB sets the redirect_uri to '' during the authorize
|
112 | |
# phase + it must match during the access_token phase:
|
113 | |
# https://github.com/facebook/php-sdk/blob/master/src/base_facebook.php#L348
|
114 | |
def callback_url
|
115 | |
if @authorization_code_from_signed_request
|
116 | |
''
|
117 | |
else
|
118 | |
options[:callback_url] || super
|
119 | |
end
|
120 | |
end
|
121 | |
|
122 | |
def access_token_options
|
123 | |
options.access_token_options.inject({}) { |h,(k,v)| h[k.to_sym] = v; h }
|
124 | |
end
|
125 | |
|
126 | |
##
|
127 | |
# You can pass +display+, +scope+, or +auth_type+ params to the auth request, if
|
128 | |
# you need to set them dynamically. You can also set these options
|
129 | |
# in the OmniAuth config :authorize_params option.
|
130 | |
#
|
131 | |
# /auth/facebook?display=popup
|
132 | |
#
|
133 | |
def authorize_params
|
134 | |
super.tap do |params|
|
135 | |
%w[display scope auth_type].each do |v|
|
136 | |
if request.params[v]
|
137 | |
params[v.to_sym] = request.params[v]
|
138 | |
end
|
139 | |
end
|
140 | |
|
141 | |
params[:scope] ||= DEFAULT_SCOPE
|
142 | |
end
|
143 | |
end
|
144 | |
|
145 | |
##
|
146 | |
# Parse signed request in order, from:
|
147 | |
#
|
148 | |
# 1. the request 'signed_request' param (server-side flow from canvas pages) or
|
149 | |
# 2. a cookie (client-side flow via JS SDK)
|
150 | |
#
|
151 | |
def signed_request
|
152 | |
@signed_request ||= raw_signed_request &&
|
153 | |
parse_signed_request(raw_signed_request)
|
154 | 156 |
end
|
155 | 157 |
|
156 | 158 |
private
|