class OmniAuth::AuthenticityTokenProtection

Public Class Methods

call(env) click to toggle source
# File lib/omniauth/authenticity_token_protection.rb, line 10
def self.call(env)
  new.call!(env)
end
new(options = {}) click to toggle source
# File lib/omniauth/authenticity_token_protection.rb, line 6
def initialize(options = {})
  @options = default_options.merge(options)
end

Public Instance Methods

call(env)
Alias for: call!
call!(env) click to toggle source
# File lib/omniauth/authenticity_token_protection.rb, line 14
def call!(env)
  return if accepts?(env)

  instrument env
  react env
end
Also aliased as: call

Private Instance Methods

default_reaction(_env)
Alias for: deny
deny(_env) click to toggle source
# File lib/omniauth/authenticity_token_protection.rb, line 25
def deny(_env)
  OmniAuth.logger.send(:warn, "Attack prevented by #{self.class}")
  raise AuthenticityError.new(options[:message])
end
Also aliased as: default_reaction