Contents

require 'devise/strategies/base'

module Devise
  module Strategies
    class Oauth2GrantTypeStrategy < Authenticatable
      def valid?
        params[:controller] == 'devise/oauth2/tokens' && request.post? && params[:grant_type] == grant_type
      end

      # defined by subclass
      def grant_type
      end

      # defined by subclass
      def authenticate_grant_type(client)
      end

      def authenticate!
        client_id, client_secret = request.authorization ? decode_credentials : [params[:client_id], params[:client_secret]]
        client = Devise::Oauth2Providable::Client.find_by_identifier client_id
        if client && client.secret == client_secret
          env[Devise::Oauth2Providable::CLIENT_ENV_REF] = client
          authenticate_grant_type(client)
        else
          oauth_error! :invalid_client, 'invalid client credentials'
        end
      end

      # return custom error response in accordance with the oauth spec
      # see http://tools.ietf.org/html/draft-ietf-oauth-v2-16#section-4.3
      def oauth_error!(error_code = :invalid_request, description = nil)
        body = {:error => error_code}
        body[:error_description] = description if description
        custom! [400, {'Content-Type' => 'application/json'}, [body.to_json]]
        throw :warden
      end
    end
  end
end

Version data entries

13 entries across 13 versions & 1 rubygems

Version	Path
devise_oauth2_rails4-2.1.4	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-2.1.3	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-2.0.3	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-2.1.0	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-2.0.2	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-2.0.1	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-2.0.0	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-1.1.8	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-1.1.7	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-1.1.6	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-1.1.5	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-1.1.4	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-1.1.3	lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb