Created
July 6, 2014 08:24
The simplest webpay-extend application.
# -*- coding: utf-8 -*- | |
require 'securerandom'

require 'sinatra'
require 'oauth2'
# Turn on Sinatra's built-in sessions; the OAuth `state` value is kept there
# between the /request and /callback routes.
# NOTE(review): no session secret is configured in this file, so Sinatra's
# default applies. Confirm that is acceptable before running more than one process.
set :sessions, true

# Build the client object that carries this application's registration data.
# 'client_id' and 'client_secret' are placeholders. A real client secret should
# be supplied from configuration outside the source tree, not committed here.
client = OAuth2::Client.new('client_id', 'client_secret', site: 'https://webpay.jp')
# Landing page: a single static link that starts the authorization flow.
get '/' do
  '<a href="/request">テストアプリケーションを認可する</a>'
end
# A. Start the authorization request
get '/request' do
  # CSRF protection (http://tools.ietf.org/html/rfc6749#section-10.12):
  # generate an unguessable value, remember it in this browser's session, and
  # send the same value to the authorization server as `state`.
  state = SecureRandom.hex(32)
  session[:oauth_session_id] = state

  # Redirect the user agent with response_type, client_id, redirect_uri, scope and state.
  # http://tools.ietf.org/html/rfc6749#section-4.1.1
  # NOTE(review): redirect_uri is built by `to` from the current request. The
  # provider is presumably expected to match it against the registered redirect URI.
  authorize_url = client.auth_code.authorize_url(
    redirect_uri: to('/callback'),
    scope: 'read test',
    state: state
  )
  redirect to(authorize_url)
end
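# C. Receive the authorization code
#
# Checks the `state` parameter against the value stored by /request, exchanges
# the authorization code for a token, and renders the token's extra parameters.
# Every failure path returns the same generic message so that no detail about
# the failure reaches the browser.
get '/callback' do
  failure_message = '認可に失敗しました'

  # The state value is single-use. Remove it from the session before checking
  # it, so the same callback URL cannot be replayed against this session.
  expected_state = session.delete(:oauth_session_id)
  # `to_s` normalises a missing or non-string `state` parameter to a String,
  # which secure_compare requires.
  received_state = params[:state].to_s

  # Compare in constant time; a missing stored state always fails.
  unless expected_state.is_a?(String) &&
         Rack::Utils.secure_compare(expected_state, received_state)
    return failure_message
  end

  # An error response from the authorization server carries `error` instead of
  # `code` (http://tools.ietf.org/html/rfc6749#section-4.1.2.1). Do not call
  # the token endpoint without a code.
  code = params[:code]
  return failure_message unless code.is_a?(String) && !code.empty?

  # Exchange the code for a token.
  # http://tools.ietf.org/html/rfc6749#section-4.1.3
  begin
    token = client.auth_code.get_token(code, redirect_uri: to('/callback'))
  rescue OAuth2::Error
    # The token endpoint rejected the request (for example an invalid or
    # already-used code). Report a generic failure, not a stack trace.
    return failure_message
  end

  # Show the result (demo only). The response is served as HTML, so the
  # inspected hash is escaped before it is written to the page.
  # NOTE(review): a real application should not render token material to the browser.
  Rack::Utils.escape_html(token.params.inspect)
end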