This repository has been archived by the owner on Oct 3, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 13
/
paypal_oauth2.rb
executable file
·95 lines (80 loc) · 2.8 KB
/
paypal_oauth2.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
# frozen_string_literal: true
require 'omniauth-oauth2'
module OmniAuth
module Strategies
class PaypalOauth2 < OmniAuth::Strategies::OAuth2
DEFAULT_SCOPE = 'openid email profile'
DEFAULT_RESPONSE_TYPE = 'code'
SANDBOX_SITE = 'https://api.sandbox.paypal.com'
SANDBOX_AUTHORIZE_URL = 'https://www.sandbox.paypal.com/signin/authorize'
option :name, 'paypal_oauth2'
option :client_options,
site: 'https://api.paypal.com',
authorize_url: 'https://www.paypal.com/signin/authorize',
token_url: '/v1/identity/openidconnect/tokenservice',
setup: true
option :authorize_options, [:scope, :response_type]
option :provider_ignores_state, true
option :sandbox, false
# https://www.paypal.com/webapps/auth/identity/user/
# baCNqjGvIxzlbvDCSsfhN3IrQDtQtsVr79AwAjMxekw =>
# baCNqjGvIxzlbvDCSsfhN3IrQDtQtsVr79AwAjMxekw
uid { @parsed_uid ||= (%r{\/([^\/]+)\z}.match raw_info['user_id'])[1] }
info do
prune!(
'name' => raw_info['name'],
'email' => (raw_info['emails'].detect do |email|
email['primary']
end || {})['value'],
'location' => (raw_info['address'] || {})['locality']
)
end
extra do
prune!(
'account_type' => raw_info['account_type'],
'user_id' => raw_info['user_id'],
'address' => raw_info['address'],
'verified_account' => (raw_info['verified_account'] == 'true'),
'language' => raw_info['language'],
'zoneinfo' => raw_info['zoneinfo'],
'locale' => raw_info['locale'],
'account_creation_date' => raw_info['account_creation_date']
)
end
def callback_url
full_host + script_name + callback_path
end
def setup_phase
if options.sandbox
options.client_options[:site] = SANDBOX_SITE
options.client_options[:authorize_url] = SANDBOX_AUTHORIZE_URL
end
super
end
def raw_info
@raw_info ||= load_identity
end
def authorize_params
super.tap do |params|
params[:scope] ||= DEFAULT_SCOPE
params[:response_type] ||= DEFAULT_RESPONSE_TYPE
end
end
private
def load_identity
access_token.options[:mode] = :header
access_token.options[:param_name] = :access_token
access_token.options[:grant_type] = :authorization_code
access_token.get(
'/v1/identity/oauth2/userinfo', params: { schema: 'paypalv1.1' }
).parsed || {}
end
def prune!(hash)
hash.delete_if do |_, value|
prune!(value) if value.is_a?(Hash)
value.nil? || (value.respond_to?(:empty?) && value.empty?)
end
end
end
end
end