OAuth for Ruby
Clone or download
pboling Merge pull request #151 from gouthamvel/patch-1
Update to Readme for 3-legged authorization
Latest commit cb9b9db Mar 1, 2018


Ruby OAuth


Build Status


This is a RubyGem for implementing both OAuth clients and servers in Ruby applications.

See the OAuth specs oauth.net/core/1.0/


sudo gem install oauth

The source code is now hosted on the OAuth GitHub Project github.com/oauth-xx/oauth-ruby

The basics

This is a ruby library which is intended to be used in creating Ruby Consumer and Service Provider applications. It is NOT a Rails plugin, but could easily be used for the foundation for such a Rails plugin.

As a matter of fact it has been pulled out from an OAuth Rails GEM (rubygems.org/gems/oauth-plugin github.com/pelle/oauth-plugin) which now uses this gem as a dependency.

Demonstration of usage

We need to specify the oauth_callback url explicitly, otherwise it defaults to “oob” (Out of Band)

@callback_url = ""

Create a new consumer instance by passing it a configuration hash:

@consumer = OAuth::Consumer.new("key","secret", :site => "https://agree2")

Start the process by requesting a token

@request_token = @consumer.get_request_token(:oauth_callback => @callback_url)

session[:token] = request_token.token
session[:token_secret] = request_token.secret
redirect_to @request_token.authorize_url(:oauth_callback => @callback_url)

When user returns create an access_token

hash = { oauth_token: session[:token], oauth_token_secret: session[:token_secret]}
request_token  = OAuth::RequestToken.from_hash(@consumer, hash)
@access_token = @request_token.get_access_token
# For 3-legged authorization, flow oauth_verifier is passed as param in callback
# @access_token = @request_token.get_access_token(oauth_verifier: params[:oauth_verifier]) 
@photos = @access_token.get('/photos.xml')

Now that you have an access token, you can use Typhoeus to interact with the OAuth provider if you choose.

require 'typhoeus'
require 'oauth/request_proxy/typhoeus_request'
oauth_params = {:consumer => oauth_consumer, :token => access_token}
hydra = Typhoeus::Hydra.new
req = Typhoeus::Request.new(uri, options) # :method needs to be specified in options
oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
req.options[:headers].merge!({"Authorization" => oauth_helper.header}) # Signs the request
@response = req.response

More Information

How to submit patches

The source code is now hosted on the OAuth GitHub Project github.com/oauth-xx/oauth-ruby

To submit a patch, please fork the oauth project and create a patch with tests. Once you're happy with it send a pull request and post a message to the google group.


This code is free to use under the terms of the MIT license.


OAuth Ruby has been created and maintained by a large number of talented individuals. The current maintainer is Aaron Quint (quirkey).

Comments are welcome. Send an email to via the OAuth Ruby mailing list groups.google.com/group/oauth-ruby