Sha256: eb1131abd34f5fbc1c8a1188375396bef9d0a8a2f287631931c0afc0d8ad3a23
Contents?: true
Size: 1.73 KB
Versions: 2
Compression:
Stored size: 1.73 KB
Contents
module Unimatrix::Authorization
class RequiresResourceOwner
def before( controller )
client_id = Unimatrix.configuration.client_id
client_secret = Unimatrix.configuration.client_secret
access_token = controller.params[ 'access_token' ] || \
controller.retrieve_client_token( client_id, client_secret )
if access_token.present?
resource_owner = controller.retrieve_resource_owner( access_token )
if resource_owner.present? && resource_owner.is_a?( Array ) &&
resource_owner.first.type_name == 'resource_owner'
controller.resource_owner = resource_owner
else
controller.render_error(
::ForbiddenError,
"The requested resource_owner could not be retrieved."
)
end
else
controller.render_error(
::MissingParameterError,
"The parameter 'access_token' is required."
)
end
end
end
module ClassMethods
def requires_resource_owner( options = {} )
before_action(
RequiresResourceOwner.new,
options
)
end
end
def self.included( controller )
controller.extend( ClassMethods )
end
def resource_owner=( attributes )
@resource_owner = attributes
end
def resource_owner
@resource_owner ||= begin
retrieve_resource_owner( params[ :access_token ] )
end
end
# In Rails app, this is overwritten by #retrieve_resource_owner in railtie.rb
def retrieve_resource_owner( access_token )
if access_token
request_resource_owner( access_token )
end
end
def request_resource_owner( access_token )
Operation.new( '/resource_owner' ).where( access_token: access_token ).read
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| unimatrix-3.1.0 | lib/unimatrix/authorization/filters/requires_resource_owner.rb |
| unimatrix-3.0.0 | lib/unimatrix/authorization/filters/requires_resource_owner.rb |