Sha256: 0667543d3ebc721c44d4d723dd8da1c0297d2b1be325d57bfbe34bc5ed706f03
Contents?: true
Size: 1.53 KB
Versions: 5
Compression:
Stored size: 1.53 KB
Contents
# frozen_string_literal: true
require "rodauth/oauth"
module Rodauth
Feature.define(:oauth_resource_server, :OauthResourceServer) do
depends :oauth_token_introspection
auth_value_method :is_authorization_server?, false
auth_methods(
:before_introspection_request
)
def authorization_token
return @authorization_token if defined?(@authorization_token)
# check if there is a token
access_token = fetch_access_token
return unless access_token
# where in resource server, NOT the authorization server.
payload = introspection_request("access_token", access_token)
return unless payload["active"]
@authorization_token = payload
end
def require_oauth_authorization(*scopes)
authorization_required unless authorization_token
aux_scopes = authorization_token["scope"]
token_scopes = if aux_scopes
aux_scopes.split(oauth_scope_separator)
else
[]
end
authorization_required unless scopes.any? { |scope| token_scopes.include?(scope) }
end
private
def introspection_request(token_type_hint, token)
introspect_url = URI("#{authorization_server_url}#{introspect_path}")
response = http_request(introspect_url, { "token_type_hint" => token_type_hint, "token" => token }) do |request|
before_introspection_request(request)
end
JSON.parse(response.body)
end
def before_introspection_request(request); end
end
end
Version data entries
5 entries across 5 versions & 1 rubygems