Support hitting the callback with oauth_token/oauth_token_secret

This is useful for situations such as Twitter's reverse auth for iOS.
wavii · Aug 30, 2012 · 966db34 · 966db34
1 parent 43008e4
commit 966db34
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 0 deletions.
diff --git a/lib/omniauth/strategies/oauth.rb b/lib/omniauth/strategies/oauth.rb
@@ -43,6 +43,11 @@ def request_phase
       end
 
       def callback_phase
+        if request['oauth_token'] && request['oauth_token_secret']
+          @access_token = ::OAuth::AccessToken.from_hash(consumer, Hashie::Mash.new(request.params))
+          return super
+        end
+
         raise OmniAuth::NoSessionError.new("Session Expired") if session['oauth'].nil?
 
         request_token = ::OAuth::RequestToken.new(consumer, session['oauth'][name.to_s].delete('request_token'), session['oauth'][name.to_s].delete('request_secret'))

diff --git a/spec/omniauth/strategies/oauth_spec.rb b/spec/omniauth/strategies/oauth_spec.rb
@@ -144,4 +144,18 @@ def session
       last_request.env['omniauth.error.type'] = :session_expired
     end
   end
+
+  describe '/auth/{name}/callback with oauth_token and oauth_token_secret' do
+    before do
+      get '/auth/example.org/callback', {:oauth_token => 'yourtoken', :oauth_token_secret => 'soopersekret', :user_id => 123}, {'rack.session' => {}}
+    end
+
+    it 'should succeed' do
+      last_request.env['omniauth.auth']['credentials']['token'].should == 'yourtoken'
+      last_request.env['omniauth.auth']['credentials']['secret'].should == 'soopersekret'
+      last_request.env['omniauth.auth']['provider'].should == 'example.org'
+      last_request.env['omniauth.auth']['extra']['access_token'].should be_kind_of(OAuth::AccessToken)
+      last_request.env['omniauth.auth']['extra']['access_token'].params['user_id'].should == '123'
+    end
+  end
 end