From 115c0a768cd6f4b9bfae8900f8e3fc4fbeec3ad8 Mon Sep 17 00:00:00 2001
From: Mark Dodwell <mark@mkdynamic.co.uk>
Date: Thu, 14 Nov 2013 00:30:24 -0800
Subject: [PATCH] this does not provide authentication, should not be used

---
 lib/omniauth/strategies/facebook.rb |  7 +------
 test/test.rb                        | 16 ----------------
 2 files changed, 1 insertion(+), 22 deletions(-)

diff --git a/lib/omniauth/strategies/facebook.rb b/lib/omniauth/strategies/facebook.rb
index 0d80939..7a2ccaf 100644
--- a/lib/omniauth/strategies/facebook.rb
+++ b/lib/omniauth/strategies/facebook.rb
@@ -57,12 +57,7 @@ def raw_info
       end
 
       def build_access_token
-        if access_token = request.params["access_token"]
-          ::OAuth2::AccessToken.from_hash(
-            client, 
-            {"access_token" => access_token}.update(access_token_options)
-          )
-        elsif signed_request_contains_access_token?
+        if signed_request_contains_access_token?
           hash = signed_request.clone
           ::OAuth2::AccessToken.new(
             client,
diff --git a/test/test.rb b/test/test.rb
index 21ecdba..0ea3c21 100644
--- a/test/test.rb
+++ b/test/test.rb
@@ -469,20 +469,4 @@ def setup
       assert_equal @payload['expires'], result.expires_at
     end
   end
-
-  class ParamsContainAccessTokenStringTest < TestCase
-    def setup
-      super
-
-      @request.stubs(:params).returns({'access_token' => 'm4c0d3z'})
-
-      strategy.stubs(:callback_url).returns('/')
-    end
-
-    test 'returns a new access token' do
-      result = strategy.build_access_token
-      assert_kind_of ::OAuth2::AccessToken, result
-      assert_equal 'm4c0d3z', result.token
-    end
-  end
 end