Permalink
Browse files

The client obtains an access token from the authorization server by m…

…aking an HTTP POST request to the token endpoint (not GET).
  • Loading branch information...
1 parent d67e48f commit 84669731cd404a8ad6c4cc41734809d332a79be4 @jeremy committed Apr 25, 2010
Showing with 4 additions and 4 deletions.
  1. +2 −2 lib/oauth2/strategy/web_server.rb
  2. +2 −2 spec/oauth2/strategy/web_server_spec.rb
View
4 lib/oauth2/strategy/web_server.rb
@@ -10,7 +10,7 @@ def authorize_params(options = {}) #:nodoc:
# in order to successfully verify your request for most OAuth 2.0
# endpoints.
def get_access_token(code, options = {})
- response = @client.request(:get, @client.access_token_url, access_token_params(code, options))
+ response = @client.request(:post, @client.access_token_url, access_token_params(code, options))
params = Rack::Utils.parse_query(response)
token = params['access_token']
OAuth2::AccessToken.new(@client, token)
@@ -30,4 +30,4 @@ def access_token_params(code, options = {}) #:nodoc:
end
end
end
-end
+end
View
4 spec/oauth2/strategy/web_server_spec.rb
@@ -5,7 +5,7 @@
cli = OAuth2::Client.new('abc','def', :site => 'http://api.example.com')
cli.connection.build do |b|
b.adapter :test do |stub|
- stub.get('/oauth/access_token?code=sushi&client_id=abc&client_secret=def&type=web_server') do |env|
+ stub.post('/oauth/access_token?code=sushi&client_id=abc&client_secret=def&type=web_server') do |env|
[200, {}, 'a=1&access_token=salmon']
end
end
@@ -42,4 +42,4 @@
@access.token.should == 'salmon'
end
end
-end
+end

0 comments on commit 8466973

Please sign in to comment.