Sha256: 6780626ce2aecdfdfa4b25020674ce64966d79d337fd874f95be13f9969e7635
Contents?: true
Size: 1.45 KB
Versions: 2
Compression:
Stored size: 1.45 KB
Contents
# This controller is where clients can exchange
# codes and refresh_tokens for access_tokens
class Oauth::TokenController < OproController
before_filter :opro_authenticate_user!, :except => [:create]
skip_before_filter :verify_authenticity_token, :only => [:create]
def create
# Find the client application
application = Oauth::ClientApp.authenticate(params[:client_id], params[:client_secret])
if application.nil?
render :json => {:error => "Could not find application based on client_id=#{params[:client_id]}
and client_secret=#{params[:client_secret]}"}, :status => :unauthorized
return
end
if params[:code]
auth_grant = Oauth::AuthGrant.authenticate(params[:code], application.id)
else
auth_grant = Oauth::AuthGrant.refresh_tokens!(params[:refresh_token], application.id)
end
if auth_grant.nil?
msg = "Could not find a user that belongs to this application & "
msg << " has a refresh_token=#{params[:refresh_token]}" if params[:refresh_token]
msg << " has been granted a code=#{params[:code]}" if params[:code]
render :json => {:error => msg }, :status => :unauthorized
return
end
auth_grant.generate_expires_at!
render :json => { :access_token => auth_grant.access_token,
:refresh_token => auth_grant.refresh_token,
:expires_in => auth_grant.expires_in }
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| opro-0.0.3 | app/controllers/oauth/token_controller.rb |
| opro-0.0.2 | app/controllers/oauth/token_controller.rb |