I've noticed that this repository hasn't been touched in a while, and that it has never conformed to the OAuth 2.0 specs despite community efforts. That's why I took all the fixes that people have so generously commited as a pull request and combined them in my own fork. Thanks goes out to the following people for writing their fixes:
pelle/oauth-plugin#132
pelle/oauth-plugin#125
@pelle for writing this gem.
The refreshing of the access token works as follows; once an access token has been acquired, the expires_in and expires_at attributes will be set, if the consumer does not respond with such a paramter, the standard of 3600 seconds (1 hour) will be used and the object will be saved to the datastore. There's an after_initialize callback on the Oauth2Token model which triggers only if the token has expired. If it does it will initialize the OAuth2 client and call the refresh! method. (thank you @greggroth for the pointer to this method) It will then save the new attributes to the datastore.
I'm pretty sure that the after_initialize is the way to go since most expirations are set to 3600 seconds and the object will be initialized many times in between. If anyone would know of a more clean way of doing this, please say you and I will try to fix it.
Here's an example of how to add Skydrive as an OAuth 2.0 provider in the oauth_consumers.rb file:
OAUTH_CREDENTIALS={
skydrive: {
key: "YourKeyHere",
secret: "YourSecretHere",
super_class: "Oauth2Token", # Use this or override this for OAuth 2.0 consumers
scope: "wl.basic wl.emails wl.skydrive_update wl.offline_access",
options: {
site: "https://login.live.com",
token_url: "/oauth20_token.srf",
authorize_url: "/oauth20_authorize.srf",
response_type: "code",
client_id: 'YourClientIdHere',
redirect_uri: 'http://www.yourwebsite.com/oauth_consumers/skydrive/callback2' # Required for OAuth 2.0 providers!
}
}
}
Note that the redirect_uri option is required for the callback. Your routes.rb file should look something like this to make this work:
resources :oauth_consumers do
get :callback, :on => :member
get :callback2, :on => :member # Add this line for OAuth 2.0 functionality.
end
I've noticed that this repository hasn't been touched in a while, and that it has never conformed to the OAuth 2.0 specs despite community efforts. That's why I took all the fixes that people have so generously commited as a pull request and combined them in my own fork. Thanks goes out to the following people for writing their fixes:
The refreshing of the access token works as follows; once an access token has been acquired, the expires_in and expires_at attributes will be set, if the consumer does not respond with such a paramter, the standard of 3600 seconds (1 hour) will be used and the object will be saved to the datastore. There's an after_initialize callback on the
Oauth2Token
model which triggers only if the token has expired. If it does it will initialize the OAuth2 client and call the refresh! method. (thank you @greggroth for the pointer to this method) It will then save the new attributes to the datastore.I'm pretty sure that the
after_initialize
is the way to go since most expirations are set to 3600 seconds and the object will be initialized many times in between. If anyone would know of a more clean way of doing this, please say you and I will try to fix it.Here's an example of how to add Skydrive as an OAuth 2.0 provider in the oauth_consumers.rb file:
Note that the redirect_uri option is required for the callback. Your routes.rb file should look something like this to make this work: