From 3677e2eb63c782bbec72078e6af029354ef3961d Mon Sep 17 00:00:00 2001 From: Zoran M Date: Mon, 26 Oct 2015 10:49:24 +0100 Subject: [PATCH] fix broken backward compatibility (by default, keep the same callback_url in callback_phase and request_phase) --- lib/omniauth/strategies/oauth2.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/omniauth/strategies/oauth2.rb b/lib/omniauth/strategies/oauth2.rb index 3ffff1b..138104c 100644 --- a/lib/omniauth/strategies/oauth2.rb +++ b/lib/omniauth/strategies/oauth2.rb @@ -29,6 +29,7 @@ def self.inherited(subclass) option :token_options, [] option :auth_token_params, {} option :provider_ignores_state, false + option :include_query_string, false attr_accessor :access_token @@ -86,7 +87,8 @@ def callback_phase # rubocop:disable AbcSize, CyclomaticComplexity, MethodLength def build_access_token verifier = request.params["code"] - client.auth_code.get_token(verifier, {:redirect_uri => callback_url}.merge(token_params.to_hash(:symbolize_keys => true)), deep_symbolize(options.auth_token_params)) + url = options.include_query_string ? callback_url : (full_host + script_name + callback_path) + client.auth_code.get_token(verifier, {:redirect_uri => url}.merge(token_params.to_hash(:symbolize_keys => true)), deep_symbolize(options.auth_token_params)) end def deep_symbolize(options)