allow specifying custom state key-values (#218)
This commit is contained in:
parent
f2f83b20bc
commit
9e797f13b8
|
@ -154,6 +154,8 @@ module Google
|
|||
# @param [String, Array<String>] scope
|
||||
# Authorization scope to request. Overrides the instance scopes if
|
||||
# not nil.
|
||||
# @param [Hash] state
|
||||
# Optional key-values to be returned to the oauth callback.
|
||||
# @return [String]
|
||||
# Authorization url
|
||||
def get_authorization_url options = {}
|
||||
|
@ -162,12 +164,14 @@ module Google
|
|||
raise NIL_REQUEST_ERROR if request.nil?
|
||||
raise NIL_SESSION_ERROR if request.session.nil?
|
||||
|
||||
state = options[:state] || {}
|
||||
|
||||
redirect_to = options[:redirect_to] || request.url
|
||||
request.session[XSRF_KEY] = SecureRandom.base64
|
||||
options[:state] = MultiJson.dump(
|
||||
options[:state] = MultiJson.dump(state.merge(
|
||||
SESSION_ID_KEY => request.session[XSRF_KEY],
|
||||
CURRENT_URI_KEY => redirect_to
|
||||
)
|
||||
))
|
||||
options[:base_url] = request.url
|
||||
super options
|
||||
end
|
||||
|
|
|
@ -63,6 +63,12 @@ describe Google::Auth::WebUserAuthorizer do
|
|||
)
|
||||
end
|
||||
|
||||
it "should allow adding custom state key-value pairs" do
|
||||
url = authorizer.get_authorization_url request: request, state: { james: "bond", kind: 1 }
|
||||
expect(url).to match(%r{%22james%22:%22bond%22})
|
||||
expect(url).to match(%r{%22kind%22:1})
|
||||
end
|
||||
|
||||
it "should include request forgery token in state" do
|
||||
expect(SecureRandom).to receive(:base64).and_return("aGVsbG8=")
|
||||
url = authorizer.get_authorization_url request: request
|
||||
|
|
Loading…
Reference in New Issue