Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 310ccce

Browse files
authored
Merge pull request #664 from ruby-oauth/example/Jhipster-UAA-Server
2 parents dea4d16 + 418507d commit 310ccce

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

45 files changed

+199
-50
lines changed

‎CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
1616
- simplified client definitions)
1717
- document how to implement an OIDC client with this gem in OIDC.md
1818
- also, list libraries built on top of the oauth2 gem that implement OIDC
19+
- README: Add example for JHipster UAA (Spring Cloud) password grant, converted from Postman/Net::HTTP
1920
### Changed
2021
### Deprecated
2122
### Removed

‎README.md

Lines changed: 49 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -798,6 +798,55 @@ resp = access.get("/v1/things")
798798
access = client.password.get_token("jdoe", "s3cret", scope: "read")
799799
```
800800

801+
#### Examples
802+
803+
<details>
804+
<summary>JHipster UAA (Spring Cloud) password grant example (legacy; avoid when possible)</summary>
805+
806+
```ruby
807+
# This converts a Postman/Net::HTTP multipart token request to oauth2 gem usage.
808+
# JHipster UAA typically exposes the token endpoint at /uaa/oauth/token.
809+
# The original snippet included:
810+
# - Basic Authorization header for the client (web_app:changeit)
811+
# - X-XSRF-TOKEN header from a cookie (some deployments require it)
812+
# - grant_type=password with username/password and client_id
813+
# Using oauth2 gem, you don't need to build multipart bodies; the gem sends
814+
# application/x-www-form-urlencoded as required by RFC 6749.
815+
816+
require "oauth2"
817+
818+
client = OAuth2::Client.new(
819+
"web_app", # client_id
820+
"changeit", # client_secret
821+
site: "http://localhost:8080/uaa",
822+
token_url: "/oauth/token", # absolute under site (or "oauth/token" relative)
823+
auth_scheme: :basic_auth, # sends HTTP Basic Authorization header
824+
)
825+
826+
# If your UAA requires an XSRF header for the token call, provide it as a header.
827+
# Often this is not required for token endpoints, but if your gateway enforces it,
828+
# obtain the value from the XSRF-TOKEN cookie and pass it here.
829+
xsrf_token = ENV["X_XSRF_TOKEN"] # e.g., pulled from a prior set-cookie value
830+
831+
access = client.password.get_token(
832+
"admin", # username
833+
"admin", # password
834+
headers: xsrf_token ? {"X-XSRF-TOKEN" => xsrf_token} : {},
835+
# JHipster commonly also accepts/needs the client_id in the body; include if required:
836+
# client_id: "web_app",
837+
)
838+
839+
puts access.token
840+
puts access.to_hash # full token response
841+
```
842+
843+
Notes:
844+
- Resource Owner Password Credentials (ROPC) is deprecated in OAuth 2.1 and discouraged. Prefer Authorization Code + PKCE.
845+
- If your deployment strictly demands the X-XSRF-TOKEN header, first fetch it from an endpoint that sets the XSRF-TOKEN cookie (often "/" or a login page) and pass it to headers.
846+
- For Basic auth, auth_scheme: :basic_auth handles the Authorization header; you do not need to base64-encode manually.
847+
848+
</details>
849+
801850
### Refresh Tokens
802851

803852
When the server issues a refresh_token, you can refresh manually or implement an auto-refresh wrapper.

‎docs/OAuth2.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -415,7 +415,7 @@ <h3 class="signature first" id="configure-class_method">
415415
</div>
416416

417417
<div id="footer">
418-
Generated on Sun Aug 31 04:15:43 2025 by
418+
Generated on Sun Aug 31 04:29:08 2025 by
419419
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
420420
0.9.37 (ruby-3.4.5).
421421
</div>

‎docs/OAuth2/AccessToken.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3069,7 +3069,7 @@ <h3 class="signature " id="to_hash-instance_method">
30693069
</div>
30703070

30713071
<div id="footer">
3072-
Generated on Sun Aug 31 04:15:43 2025 by
3072+
Generated on Sun Aug 31 04:29:08 2025 by
30733073
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
30743074
0.9.37 (ruby-3.4.5).
30753075
</div>

‎docs/OAuth2/Authenticator.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -883,7 +883,7 @@ <h3 class="signature first" id="apply-instance_method">
883883
</div>
884884

885885
<div id="footer">
886-
Generated on Sun Aug 31 04:15:43 2025 by
886+
Generated on Sun Aug 31 04:29:08 2025 by
887887
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
888888
0.9.37 (ruby-3.4.5).
889889
</div>

‎docs/OAuth2/Client.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2656,7 +2656,7 @@ <h3 class="signature " id="token_url-instance_method">
26562656
</div>
26572657

26582658
<div id="footer">
2659-
Generated on Sun Aug 31 04:15:43 2025 by
2659+
Generated on Sun Aug 31 04:29:08 2025 by
26602660
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
26612661
0.9.37 (ruby-3.4.5).
26622662
</div>

‎docs/OAuth2/Error.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -772,7 +772,7 @@ <h3 class="signature " id="response-instance_method">
772772
</div>
773773

774774
<div id="footer">
775-
Generated on Sun Aug 31 04:15:43 2025 by
775+
Generated on Sun Aug 31 04:29:08 2025 by
776776
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
777777
0.9.37 (ruby-3.4.5).
778778
</div>

‎docs/OAuth2/FilteredAttributes.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -335,7 +335,7 @@ <h3 class="signature first" id="inspect-instance_method">
335335
</div>
336336

337337
<div id="footer">
338-
Generated on Sun Aug 31 04:15:43 2025 by
338+
Generated on Sun Aug 31 04:29:08 2025 by
339339
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
340340
0.9.37 (ruby-3.4.5).
341341
</div>

‎docs/OAuth2/FilteredAttributes/ClassMethods.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -280,7 +280,7 @@ <h3 class="signature " id="filtered_attributes-instance_method">
280280
</div>
281281

282282
<div id="footer">
283-
Generated on Sun Aug 31 04:15:43 2025 by
283+
Generated on Sun Aug 31 04:29:08 2025 by
284284
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
285285
0.9.37 (ruby-3.4.5).
286286
</div>

‎docs/OAuth2/Response.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1619,7 +1619,7 @@ <h3 class="signature " id="status-instance_method">
16191619
</div>
16201620

16211621
<div id="footer">
1622-
Generated on Sun Aug 31 04:15:43 2025 by
1622+
Generated on Sun Aug 31 04:29:08 2025 by
16231623
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
16241624
0.9.37 (ruby-3.4.5).
16251625
</div>

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /