Class: Pinterest::Resources::OAuth

Inherits:

Base

Object
Base
Pinterest::Resources::OAuth

show all

Defined in:: lib/pinterest/resources/oauth.rb

Overview

Wraps POST /oauth/token, /oauth/token/revoke, and /oauth/conversion_token. Token-endpoint calls use HTTP Basic auth (client_id:client_secret). The conversion-token call requires a valid Bearer access_token.

Instance Method Summary collapse

#authorization_url(scope: config.default_scope, redirect_uri: config.redirect_uri, state: SecureRandom.hex(16), response_type: "code") ⇒ String

Build the authorization URL users visit to grant permissions.
#conversion_token ⇒ Hash

Generate a long-lived conversion API token from the current access token.
#exchange_code(code:, redirect_uri: config.redirect_uri, continuous_refresh: nil) ⇒ Hash

Exchange an authorization code for access + refresh tokens.
#refresh(refresh_token:, scope: nil, continuous_refresh: nil) ⇒ Hash

Refresh an existing access token using a continuous refresh token.
#revoke(token:, token_type_hint: nil) ⇒ nil

Revoke an access or refresh token.

Methods inherited from Base

#initialize

Constructor Details

This class inherits a constructor from Pinterest::Resources::Base

Instance Method Details

#authorization_url(scope: config.default_scope, redirect_uri: config.redirect_uri, state: SecureRandom.hex(16), response_type: "code") ⇒ `String`

Build the authorization URL users visit to grant permissions.

Parameters:

redirect_uri (String) (defaults to: config.redirect_uri)
scope (Array<String>, String) (defaults to: config.default_scope) —

required scopes
state (String) (defaults to: SecureRandom.hex(16)) —

CSRF token you generate and later verify
response_type (String) (defaults to: "code") —

always “code” for the auth-code flow

Returns:

(String) —

full URL

# File 'lib/pinterest/resources/oauth.rb', line 80

def authorization_url(scope: config.default_scope, redirect_uri: config.redirect_uri, state: SecureRandom.hex(16), response_type: "code")
  scope_str = Array(scope).join(" ")
  params = URI.encode_www_form(
    response_type: response_type,
    client_id: config.client_id,
    redirect_uri: redirect_uri,
    scope: scope_str,
    state: state
  )
  "#{config.auth_url}?#{params}"
end

#conversion_token ⇒ `Hash`

Generate a long-lived conversion API token from the current access token. Requires config.access_token to be set (Bearer auth).

Returns:

(Hash) —

access_token, token_type: “conversion”



53
54
55

# File 'lib/pinterest/resources/oauth.rb', line 53

def conversion_token
  post("/oauth/conversion_token", {})
end

#exchange_code(code:, redirect_uri: config.redirect_uri, continuous_refresh: nil) ⇒ `Hash`

Exchange an authorization code for access + refresh tokens.

Parameters:

code (String) —

the code returned by the Pinterest OAuth redirect
redirect_uri (String) (defaults to: config.redirect_uri) —

must match the URI used in the auth request
continuous_refresh (Boolean, nil) (defaults to: nil) —

set true for apps created before 2025-09-25 to opt into the 60-day continuous refresh token

Returns:

(Hash) —

access_token, refresh_token, expires_in, scope, …

# File 'lib/pinterest/resources/oauth.rb', line 14

def exchange_code(code:, redirect_uri: config.redirect_uri, continuous_refresh: nil)
  resp = post("/oauth/token",
    {
      grant_type: "authorization_code",
      code: code,
      redirect_uri: redirect_uri,
      continuous_refresh: continuous_refresh
    },
    json: false,
    basic_auth: true
  )
  config.access_token = resp["access_token"]
  resp
end

#refresh(refresh_token:, scope: nil, continuous_refresh: nil) ⇒ `Hash`

Refresh an existing access token using a continuous refresh token.

Parameters:

refresh_token (String)
scope (String, nil) (defaults to: nil) —

space-separated scope string; omit to keep current scope
continuous_refresh (Boolean, nil) (defaults to: nil) —

same semantics as #exchange_code

Returns:

(Hash) —

new access_token, refresh_token, expires_in, …

# File 'lib/pinterest/resources/oauth.rb', line 35

def refresh(refresh_token:, scope: nil, continuous_refresh: nil)
  resp = post("/oauth/token",
    { grant_type: "refresh_token",
      refresh_token: refresh_token,
      scope: scope,
      continuous_refresh: continuous_refresh
    },
    json: false,
    basic_auth: true
  )
  config.access_token = resp["access_token"]
  resp
end

#revoke(token:, token_type_hint: nil) ⇒ `nil`

Revoke an access or refresh token. Only tokens issued for system users are supported.

Parameters:

token (String) —

the token to revoke
token_type_hint (String, nil) (defaults to: nil) —

“access_token” or “refresh_token”

Returns:

(nil)

# File 'lib/pinterest/resources/oauth.rb', line 63

def revoke(token:, token_type_hint: nil)
  post("/oauth/token/revoke",
    {
      token: token,
      token_type_hint: token_type_hint
    },
    json: false, basic_auth: true
  )
end

Class: Pinterest::Resources::OAuth

Overview

Instance Method Summary collapse

Methods inherited from Base

Constructor Details

Instance Method Details

#authorization_url(scope: config.default_scope, redirect_uri: config.redirect_uri, state: SecureRandom.hex(16), response_type: "code") ⇒ String

#conversion_token ⇒ Hash

#exchange_code(code:, redirect_uri: config.redirect_uri, continuous_refresh: nil) ⇒ Hash

#refresh(refresh_token:, scope: nil, continuous_refresh: nil) ⇒ Hash

#revoke(token:, token_type_hint: nil) ⇒ nil

#authorization_url(scope: config.default_scope, redirect_uri: config.redirect_uri, state: SecureRandom.hex(16), response_type: "code") ⇒ `String`

#conversion_token ⇒ `Hash`

#exchange_code(code:, redirect_uri: config.redirect_uri, continuous_refresh: nil) ⇒ `Hash`

#refresh(refresh_token:, scope: nil, continuous_refresh: nil) ⇒ `Hash`

#revoke(token:, token_type_hint: nil) ⇒ `nil`