this does not provide authentication, should not be used

2022-11-09 12:32:45 -05:00 · 2013-11-14 00:30:24 -08:00 · 2013-11-14 00:30:24 -08:00 · 115c0a768c
commit 115c0a768c
parent fd62381a5f
2 changed files with 1 additions and 22 deletions
--- a/lib/omniauth/strategies/facebook.rb
+++ b/lib/omniauth/strategies/facebook.rb
@ -57,12 +57,7 @@ module OmniAuth
      end

      def build_access_token
-        if access_token = request.params["access_token"]
-          ::OAuth2::AccessToken.from_hash(
-            client, 
-            {"access_token" => access_token}.update(access_token_options)
-          )
-        elsif signed_request_contains_access_token?
+        if signed_request_contains_access_token?
          hash = signed_request.clone
          ::OAuth2::AccessToken.new(
            client,
--- a/test/test.rb
+++ b/test/test.rb
@ -469,20 +469,4 @@ module BuildAccessTokenTests
      assert_equal @payload['expires'], result.expires_at
    end
  end
-
-  class ParamsContainAccessTokenStringTest < TestCase
-    def setup
-      super
-
-      @request.stubs(:params).returns({'access_token' => 'm4c0d3z'})
-
-      strategy.stubs(:callback_url).returns('/')
-    end
-
-    test 'returns a new access token' do
-      result = strategy.build_access_token
-      assert_kind_of ::OAuth2::AccessToken, result
-      assert_equal 'm4c0d3z', result.token
-    end
-  end
 end