Ruby on Rails 中的回调

Question

使用 'oauth2' gem 和 Heroku 服务器，我设法创建了一个客户端对象并将用户重定向到登录站点：

client = OAuth2::Client.new(
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
:authorize_url => "/oauth/authorize",
:token_url => "/oauth/token",
:site => "https://connect.xxxxxxxxxx.com")

redirect_to(client.auth_code.authorize_url(:redirect_uri => 'https://xxxxx.herokuapp.com/callback'))

浏览器随后会按预期将自己重定向到回调链接，例如：

https://xxxxx.herokuapp.com/callback?code=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

我需要访问授权代码，然后发送访问令牌和刷新令牌的发布请求，但是对于 Ruby 和 Ruby on Rails 来说是全新的，我不知道如何获取回调并解析代码。我研究过的所有十几个教程/文档都提到应该“神奇地获得”授权码，但我不确定它是如何明确工作的。我尝试创建一个“回调”控制器并查看无济于事 - 路由文件中是否可能缺少某些内容？非常感谢您的帮助！

Answer 1

您的 CallbackController 可能会开始看起来像这样：

class CallbackController < ApplicationController
  def index
    access_token = client.auth_code.get_token(params[:code], redirect_uri: 'https://xxxxx.herokuapp.com/callback')
    # Now you have an OAuth2::AccessToken object that you can either use to:
    # - make direct requests to the API
    # - or access access_token.token, access_token.refresh_token, access_token.expires_at, access_token.expires_in and store those
    #   somewhere for later use
    # http://www.rubydoc.info/github/intridea/oauth2/OAuth2/AccessToken
  end

  private

  def client
    @client ||= OAuth2::Client.new(
      "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
      "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
      authorize_url: "/oauth/authorize",
      token_url: "/oauth/token",
      site: "https://connect.xxxxxxxxxx.com"
    )
  end
end