Xero OAuth 2.0 OmniAuth Strategy version 1.1.0 release.
Adds support for additional authorization options at runtime per #12.
You can now choose to define a state param in the initializer config:
Rails.application.config.middleware.use OmniAuth::Builder do
  provider(
    :xero_oauth2,
    ENV['CLIENT_ID'],
    ENV['CLIENT_SECRET'],
    scope: ENV['SCOPES'],
    state: 'sup3r$ecretSt@te' # fixed value, sent with every authorization request
  )
end
OR
You can choose to set the state param dynamically at runtime:
Rails.application.config.middleware.use OmniAuth::Builder do
  provider(
    :xero_oauth2,
    ENV['CLIENT_ID'],
    ENV['CLIENT_SECRET'],
    scope: ENV['SCOPES'],
    # Turns off the strategy's own state comparison on callback;
    # without this you'll get a "CSRF detected" error
    provider_ignores_state: true
  )
end
-----
<h4>Xero Ruby Oauth2 Demo App</h4>
<p><%= form_tag('/auth/xero_oauth2', method: 'post') do %>
  <input type="hidden" name="state" value="runtime-sup3r$ecretSt@te">
  <button type='submit'>Connect to Xero</button>
<% end %></p>
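
With provider_ignores_state: true the strategy no longer compares the state returned on callback with one it stored, so the application has to issue and verify that value itself. One way to do that, as an added example that is not part of the release notes or the gem: issue_state, valid_state?, secure_equal? and STATE_KEY are hypothetical names, and session is assumed to be any Hash-like per-user store such as the Rails session.

```ruby
require 'securerandom'
require 'digest'

# Hypothetical helpers, not part of omniauth-xero-oauth2.
# `session` is any Hash-like per-user store (e.g. the Rails session).
STATE_KEY = 'xero_oauth2.state' # constructed key name

# Create a fresh, unguessable state, remember it in this user's session and
# return it for the hidden "state" field of the /auth/xero_oauth2 form.
def issue_state(session)
  session[STATE_KEY] = SecureRandom.urlsafe_base64(32)
end

# Compare fixed-length digests byte by byte without an early exit.
def secure_equal?(a, b)
  x = Digest::SHA256.digest(a).bytes
  y = Digest::SHA256.digest(b).bytes
  x.zip(y).reduce(0) { |acc, (m, n)| acc | (m ^ n) }.zero?
end

# Call from the callback action with params['state'].
# The stored value is deleted first, so a state is single-use even on failure.
def valid_state?(session, returned)
  expected = session.delete(STATE_KEY)
  return false if expected.nil? || returned.to_s.empty?

  secure_equal?(expected, returned.to_s)
end

# Constructed walk-through: two Hashes stand in for two browser sessions.
session_a = {}
session_b = {}
state_a = issue_state(session_a)
issue_state(session_b)
puts valid_state?(session_b, state_a) # state issued to another session
puts valid_state?(session_a, state_a) # state issued to this session
puts valid_state?(session_a, state_a) # same state presented again
```

In the view, the hidden state field would carry the return value of issue_state(session) instead of a literal string, and the callback action would reject the request when valid_state? returns false.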