TagoLine 0.1.4.12 → 0.1.4.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +9 -1
  3. data/lib/TagoLine/LoginAction.rb +9 -1
  4. data/lib/TagoLine/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d01f8a4790e72e5295b6d7273cb91102be71e87d8b9858af943fcfd8850ea6b2
4
- data.tar.gz: 8065d9129599ffa91d1fc8b752e4b5fc217e126b83f87cb27531b961abf048bf
3
+ metadata.gz: 0ad783064093fe816e6b946d865131820e8fffede606daca53905eebe89ab627
4
+ data.tar.gz: 75bc783719c3e500b28d92d703938ac264a20d1ddb636f43482425287117f762
5
5
  SHA512:
6
- metadata.gz: 9dec2ebb83b6d5bef94d77ad48ae4ec90c58cedc1babd0803c9541960b3095029df4b9930356caeedf61bfff7789c76594de6f59f12a6f7a107c54d93d5bc4a5
7
- data.tar.gz: bc0feb261383e6848954133c46dbbe1a5a5e1eedb6440446a1d300b2ef1416f21e2476242010a45d69a0417e29f8d6765e7687731cb35ce0b945de9c9fd7cb61
6
+ metadata.gz: d373227e52a98509ef0a160e6655ac62a886fd2b1f5c4acc7f9f5b2fc3013a0454295ee8dbcb32126009ad5b6358d5135cb79144981d6ce2bacd7e2d435b8c5b
7
+ data.tar.gz: 929ebc39b774cdbaf7effa44da1f180a1da563c0ea79fa354b192954c6536847ad09b5dc43924c6050b804616416c826b31e4e25c892fbb447b03f3032269673
data/README.md CHANGED
@@ -12,4 +12,12 @@ LINE_CHANNEL_SECRET
12
12
  ```
13
13
  <%= TagoLine::LoginButton.show(controller) %>
14
14
  ```
15
- セッションを使うため、引数にcontrollerが必要です
15
+ セッションを使うため、引数にcontrollerが必要です
16
+
17
+ ## CSRFのチェック
18
+ ```
19
+ TagoLine::LoginAction.stateIsRight(self)
20
+ ```
21
+ コントローラー内でこのように書く。
22
+ URLのパラメーターにあるstateとsession[:line_state]を比較した結果を返す
23
+
data/lib/TagoLine/LoginAction.rb CHANGED
@@ -1,10 +1,18 @@
1
1
  require 'rails/all'
2
+ require 'net/http'
3
+ require 'json'
2
4
 
3
5
  module TagoLine
4
6
  class LoginAction
5
7
  def self.stateIsRight(controller)
6
8
  controller.session[:line_state] == controller.params[:state]
7
9
  end
8
-
10
+
11
+ def self.getAccessToken(controller)
12
+ uri = URI('https://api.line.me/oauth2/v2.1/token')
13
+ res = Net::HTTP.post_form(uri, 'grant_type' => 'authorization_code', 'redirect_uri' => ENV['LINE_CALLBACK_URL'], 'client_id' => ENV['LINE_CHANNEL_ID'], 'client_secret' => ENV['LINE_CHANNEL_SECRET'], 'code' => controller.params[:code])
14
+ JSON.parse(res.body)
15
+ end
16
+
9
17
  end
10
18
  end
data/lib/TagoLine/version.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module TagoLine
4
- VERSION = "0.1.4.12"
4
+ VERSION = "0.1.4.13"
5
5
  CALLBACK_URL = ENV["LINE_CALLBACK_URL"]
6
6
  CHANNEL_ID = ENV["LINE_CHANNEL_ID"]
7
7
  CHANNEL_SECRET = ENV["LINE_CHANNEL_SECRET"]
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: TagoLine
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.4.12
4
+ version: 0.1.4.13
5
5
  platform: ruby
6
6
  authors:
7
7
  - manatago