Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- gem "omniauth-yandex"
- devise_for :users, :controllers => { :omniauth_callbacks => "callbacks" }
- def yandex
- require 'net/http'
- require 'json' # => false
- @user = User.from_omniauth(request.env["omniauth.auth"])
- @client_id = Rails.application.secrets.client_id
- @secret = Rails.application.secrets.password
- @authorization_code = params[:code]
- @user.update_attribute(:code, @authorization_code)
- @user.update_attribute(:state, params[:state])
- @post_body = "grant_type=authorization_code&code=#{@authorization_code}&client_id=#{@client_id}&client_secret=#{@secret}"
- @url = "https://oauth.yandex.ru/token"
- url = URI.parse(@url)
- req = Net::HTTP::Post.new(url.request_uri)
- req['host'] ="oauth.yandex.ru"
- req['Content-Length'] = @post_body.length
- req['Content-Type'] = 'application/x-www-form-urlencoded'
- req.body = @post_body
- http = Net::HTTP.new(url.host, url.port)
- http.use_ssl = (url.scheme == "https")
- @response_mess = http.request(req)
- refreshhash = JSON.parse(@response_mess.body)
- access_token = refreshhash['access_token']
- refresh_token = refreshhash['refresh_token']
- access_token_expires_at = DateTime.now + refreshhash["expires_in"].to_i.seconds
- if access_token.present? && refresh_token.present? && access_token_expires_at.present?
- @user.update_attribute(:access_token, access_token)
- @user.update_attribute(:refresh_token, refresh_token)
- @user.update_attribute(:expires_in, access_token_expires_at)
- sign_in(@user)
- redirect_to admin_dashboard_index_path
- end
- end
- require 'rest-client'
- devise :database_authenticatable, :registerable,
- :recoverable, :rememberable, :trackable, :validatable,
- :omniauthable, :omniauth_providers => [:yandex]
- def self.from_omniauth(auth)
- where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
- user.provider = auth.provider
- user.uid = auth.uid
- user.email = auth.info.email
- user.code = auth.info.code
- user.state = auth.info.state
- user.password = Devise.friendly_token[0,20]
- end
- end
- def refresh_token_if_expired
- if token_expired?
- response = RestClient.post "https://oauth.yandex.com/token",
- :grant_type => 'refresh_token',
- :refresh_token => self.refresh_token
- refreshhash = JSON.parse(response.body)
- self.access_token = refreshhash['access_token']
- self.expires_in = DateTime.now + refreshhash["expires_in"].to_i.seconds
- self.save
- puts 'Saved'
- end
- end
- def token_expired?
- expiry = Time.at(self.expires_in)
- logger.debug "#{expiry}"
- return true if expiry < Time.now
- token_expires_at = expiry
- save if changed?
- false
- end
- end
- @response_mess = http.request(req)
- Exchanging an authorization code for a token
- The application sends the code, along with its ID and password, in a POST request.
- POST /token HTTP/1.1
- Host: oauth.yandex.
- Content-type: application/x-www-form-urlencoded
- Content-Length: <length of request body>
- [Authorization: Basic <encoded client_id:client_secret string>]
- grant_type=authorization_code
- & code=<authorization code>
- [& client_id=<application ID>]
- [& client_secret=<application password>]
- [& device_id=<device ID>]
- [& device_name=<device name>]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement