Class: Rubino::OAuth::Provider::Github
- Inherits:
-
Provider
- Object
- Provider
- Rubino::OAuth::Provider::Github
- Defined in:
- lib/rubino/oauth/provider/github.rb
Overview
GitHub OAuth 2.0 provider.
Scopes are sent space-separated (GitHub's expected delimiter, inherited
from #scope_separator). When the authenticated user has set
their primary email private, /user returns email: nil; in that case
we fall back to /user/emails and pick the primary entry.
Constant Summary collapse
- API_BASE =
"https://api.github.com"
Class Method Summary collapse
- .authorize_path ⇒ Object
- .default_scopes ⇒ Object
- .display_name ⇒ Object
- .id ⇒ Object
- .site ⇒ Object
- .token_path ⇒ Object
Instance Method Summary collapse
- #fetch_account_info(access_token) ⇒ Object
-
#revoke(access_token) ⇒ Boolean
Revoke an access token by deleting the OAuth grant for our app.
Class Method Details
.authorize_path ⇒ Object
19 |
# File 'lib/rubino/oauth/provider/github.rb', line 19 def self. = "/login/oauth/authorize" |
.default_scopes ⇒ Object
21 |
# File 'lib/rubino/oauth/provider/github.rb', line 21 def self.default_scopes = %w[repo user:email] |
.display_name ⇒ Object
17 |
# File 'lib/rubino/oauth/provider/github.rb', line 17 def self.display_name = "GitHub" |
.id ⇒ Object
16 |
# File 'lib/rubino/oauth/provider/github.rb', line 16 def self.id = :github |
.site ⇒ Object
18 |
# File 'lib/rubino/oauth/provider/github.rb', line 18 def self.site = "https://github.com" |
.token_path ⇒ Object
20 |
# File 'lib/rubino/oauth/provider/github.rb', line 20 def self.token_path = "/login/oauth/access_token" |
Instance Method Details
#fetch_account_info(access_token) ⇒ Object
43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
# File 'lib/rubino/oauth/provider/github.rb', line 43 def fetch_account_info(access_token) conn = Faraday.new(url: API_BASE) do |f| f.headers["Authorization"] = "Bearer #{access_token}" f.headers["Accept"] = "application/vnd.github+json" f.headers["User-Agent"] = "rubino" end user = JSON.parse(conn.get("/user").body) email = user["email"] || fetch_primary_email(conn) { account_id: user["id"].to_s, account_email: email, metadata: { login: user["login"], name: user["name"] } } end |
#revoke(access_token) ⇒ Boolean
Revoke an access token by deleting the OAuth grant for our app. https://docs.github.com/en/rest/apps/oauth-applications#delete-an-app-token Authentication is the app's (client_id, client_secret) via Basic, not the user token — the token to revoke goes in the JSON body.
32 33 34 35 36 37 38 39 40 41 |
# File 'lib/rubino/oauth/provider/github.rb', line 32 def revoke(access_token) conn = Faraday.new(url: API_BASE) do |f| f.request :authorization, :basic, @client_id, @client_secret f.headers["Accept"] = "application/vnd.github+json" f.headers["Content-Type"] = "application/json" f.headers["User-Agent"] = "rubino" end response = conn.delete("/applications/#{@client_id}/token", JSON.generate(access_token: access_token)) response.success? end |