所以我在我的Rails 4应用程序中使用了门卫,并为它构建了一个API包装器,以帮助我的ruby用户。几乎所有事情都按照它应该的方式运作。我添加了一个OAuth2客户端,如下所示:
require 'oauth2-client'
module MyApiWrapper
class OAuth2Client < OAuth2Client::Client
SITE_URL = 'https://myapp.com'
TOKEN_PATH = '/oauth/token'
AUTHORIZE_PATH = '/oauth/authorize'
def initialize(client_id, client_secret, opts={})
site_url = opts.delete(:site_url) || SITE_URL
opts[:token_path] ||= TOKEN_PATH
opts[:authorize_path] ||= AUTHORIZE_PATH
super(site_url, client_id, client_secret, opts)
yield self if block_given?
self
end
...
def refresh!(token, opts={})
opts[:authenticate] = :body
refresh_token.get_token(token, opts)
end
end
end
当我第一次创建OAuth2Client的实例并授权用户时,它看起来像这样:
client = MyApiWrapper::OAuth2Client.new(ENV['CLIENT_ID'], ENV['CLIENT_SECRET'])
response = client.exchange_auth_code_for_token(:params => {
:code => params[:code],
:redirect_uri => 'http://localhost:3000/auth/myapp/callback'
})
token = JSON.parse response.body
access_token = token["access_token"]
@refresh_token = token["refresh_token"]
它以一个令牌对(使用refresh_token)以它应该的方式响应。使用与以前相同的OAuth2Client实例,我可以成功刷新令牌以获取新的令牌对,如下所示:
response = client.refresh!(@refresh_token)
但是,如果我尝试使用OAuth2Client的新实例(稍后或在另一个控制器中等)执行相同操作,那么我会从门卫那里得到以下错误响应:
The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed.