omniauth-pocket
Update for omniauth >= 2.0.0 support
I've released a fork of this gem updated to use omniauth 2.0.0 due to this CVE:
Name: omniauth
Version: 1.9.1
CVE: CVE-2015-9284
Criticality: High
URL: https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
Title: CSRF vulnerability in OmniAuth's request phase
Solution: upgrade to >= 2.0.0
https://github.com/andyw8/omniauth-pocket-oauth2
@leppert I know this repo hasn't had updates in a long time, but I can create a PR to add these changes here if you wish.
Hey @andyw8 thanks for making that. I get "Not found. Authentication passthru." when trying to log in despite adding the CSRF gem, do you know what could be causing that? This is my user stuff:
def pocket
  @user = User.from_omniauth(request.env["omniauth.auth"])
  if @user.persisted?
    sign_in_and_redirect @user, event: :authentication # this will throw if @user is not activated
    set_flash_message(:notice, :success, kind: "Pocket") if is_navigational_format?
  else
    session["devise.pocket_data"] = request.env["omniauth.auth"].except(:extra) # Removing extra as it can overflow some session stores
    redirect_to new_user_registration_url
  end
end

def failure
  redirect_to root_path
end