Home - nov/rack-oauth2 GitHub Wiki

as OAuth Client

• Setup Client
• Obtain Access Token
• Access to Protected Resource

as OAuth Server

• Authorization Endpoint
• Token Endpoint
• Resource Endpoint

Note for OAuth Server Implementers

Before starting OAuth2 server implementation, read RFC 6749 and RFC 6750.

This gem is designed for those who understand OAuth RFCs.

Using this gem, you need to define these things by yourself.

• Client Management Policy
• API Security Policy
• API Scope Design
• Token Design (lifetime, opaque string or JWT etc.)
• etc.

Debugging

Call Rack::OAuth2.debug!, then you'll see all HTTP requests after that line in the log.

In Rails, you'll need to set Rack::OAuth2.logger = Rails.logger.

Rack::OAuth2.debug!
Rack::OAuth2.logger = Rails.logger