Skip to content

Instantly share code, notes, and snippets.

@nov nov/google_pkce_client.rb
Last active May 19, 2020

Embed
What would you like to do?
require 'rack/oauth2'
Rack::OAuth2.debug!
client = Rack::OAuth2::Client.new(
identifier: 'YOUR_CLIENT_ID',
secret: 'YOUR_CLIENT_SECRET',
redirect_uri: 'YOUR_REDIRECT_URI',
authorization_endpoint: 'https://accounts.google.com/o/oauth2/v2/auth',
token_endpoint: 'https://oauth2.googleapis.com/token'
)
code_verifier = SecureRandom.hex(32)
code_challenge = Base64.urlsafe_encode64(OpenSSL::Digest::SHA256.digest(code_verifier), padding: false)
authorization_url = client.authorization_uri(
scope: 'email',
# code_challenge: code_challenge,
# code_challenge_method: :S256
)
puts authorization_url
`open "#{authorization_url}"`
print 'code: ' and STDOUT.flush
code = gets.chop
client.authorization_code = code
client.access_token!(
code_verifier: code_verifier
)
# NOTE: if code_challange isn't sent at AuthZ Req, you should get an error as below.
#
# Status: 400 Bad Request
#
# {
# "error": "invalid_grant",
# "error_description": "code_verifier or verifier is not needed."
# }
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.