Sha256: 02382177fc8c856e8fc011b025e056cbb80048c828492fb6ba88b42492a3d386

Contents?: true

Size: 1.36 KB

Versions: 3

Compression:

Stored size: 1.36 KB

Contents

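# Rack endpoint implementing the OAuth 2.0 token endpoint. Every request is
# handed to a Rack::OAuth2::Server::Token handler that first authenticates the
# client and then issues a bearer token for the requested grant type.
class TokenEndpoint

  # Rack entry point.
  #
  # @param env [Hash] Rack environment of the incoming token request
  # @return the value returned by the Rack::OAuth2 token handler for +env+
  def call(env)
    authenticator.call(env)
  end

  private

  # Builds the token handler. The block receives the parsed token request
  # (+req+) and the response under construction (+res+); it must either set
  # +res.access_token+ or reject the request through one of the +req.*!+
  # helpers.
  #
  # The `x || req.invalid_client!` / `req.invalid_grant!` chains below only
  # work because those helpers abort the request (rack-oauth2 raises from
  # them); nothing after a failed check is meant to run.
  def authenticator
    Rack::OAuth2::Server::Token.new do |req, res|
      # Client authentication comes first, for every grant type.
      client = Client.find_by_identifier(req.client_id) || req.invalid_client!
      # Compare the secret in constant time: a plain `==` on strings stops at
      # the first differing byte, so response timing would reveal how much of
      # a guessed secret is correct.
      # NOTE(review): comparing against client.secret directly implies the
      # secret is kept in a directly comparable form -- confirm how it is stored.
      secrets_match?(client.secret, req.client_secret) || req.invalid_client!
      case req.grant_type
      when :authorization_code
        # NOTE(review): the code is looked up globally and only redirect_uri is
        # checked. Nothing visible here ties the code to the client that was
        # just authenticated (RFC 6749 section 4.1.3 requires that binding),
        # nor shows the code being invalidated after use -- confirm that
        # AuthorizationCode#access_token / the `valid` scope enforce both.
        code = AuthorizationCode.valid.find_by_token(req.code)
        req.invalid_grant! if code.blank? || code.redirect_uri != req.redirect_uri
        res.access_token = code.access_token.to_bearer_token(:with_refresh_token)
      when :password
        # Unknown user and wrong password both end in invalid_grant, so the
        # response body does not distinguish the two cases.
        # NOTE(review): no throttling or lockout of repeated password guesses
        # is visible here -- confirm it is enforced elsewhere.
        user = User.find_by_email(req.username) || req.invalid_grant!
        req.invalid_grant! unless user.valid_password?(req.password)
        res.access_token = user.access_tokens.create(:client => client).to_bearer_token(:with_refresh_token)
      when :client_credentials
        # NOTE: client is already authenticated here.
        res.access_token = client.access_tokens.create.to_bearer_token
      when :refresh_token
        # The lookup goes through client.refresh_tokens, so a refresh token
        # issued to another client is rejected as invalid_grant.
        refresh_token = client.refresh_tokens.valid.find_by_token(req.refresh_token)
        req.invalid_grant! unless refresh_token
        res.access_token = refresh_token.access_tokens.create.to_bearer_token
      else
        # NOTE: extended assertion grant_types are not supported yet.
        req.unsupported_grant_type!
      end
    end
  end

  # Constant-time equality check for client secrets.
  #
  # When either side is nil the result is that of a plain `==`, which keeps
  # the original behaviour for clients without a secret. Otherwise both values
  # are compared byte by byte without stopping at the first difference; only a
  # length mismatch returns early.
  #
  # @param expected [String, nil] secret stored for the client
  # @param given [String, nil] secret presented in the request
  # @return [Boolean] true when the two secrets are equal
  def secrets_match?(expected, given)
    return expected == given if expected.nil? || given.nil?

    expected = expected.to_s
    given = given.to_s
    return false unless expected.bytesize == given.bytesize

    expected_bytes = expected.unpack('C*')
    diff = 0
    given.each_byte { |byte| diff |= byte ^ expected_bytes.shift }
    diff.zero?
  end

end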

Version data entries

3 entries across 3 versions & 2 rubygems

Version Path
devise_oauth2_providable-0.1.1 lib/token_endpoint.rb
devise_oauth2_providable-0.1.0 lib/token_endpoint.rb
devise_oauth2_token_bearer_authenticatable-0.0.1 lib/token_endpoint.rb