Sha256: fbb916de918bef7b57e3ea165b0af8cced6535542b73a27e6c5388e9bff6fd4f

Contents?: true

Size: 1.28 KB

Versions: 4

Compression:

Stored size: 1.28 KB

Contents

require 'devise/strategies/base'

module Devise
  module Strategies
    class Oauth2GrantTypeStrategy < Authenticatable
      def valid?
        params[:controller] == 'devise/oauth2/tokens' && request.post? && params[:grant_type] == grant_type
      end

      # defined by subclass
      def grant_type
      end

      # defined by subclass
      def authenticate_grant_type(client)
      end

      def authenticate!
        client_id, client_secret = request.authorization ? decode_credentials : [params[:client_id], params[:client_secret]]
        client = Devise::Oauth2::Client.find_by_identifier client_id
        if client && client.secret == client_secret
          env[Devise::Oauth2::CLIENT_ENV_REF] = client
          authenticate_grant_type(client)
        else
          oauth_error! :invalid_client, 'invalid client credentials'
        end
      end

      # return custom error response in accordance with the oauth spec
      # see http://tools.ietf.org/html/draft-ietf-oauth-v2-16#section-4.3
      def oauth_error!(error_code = :invalid_request, description = nil)
        body = {:error => error_code}
        body[:error_description] = description if description
        custom! [400, {'Content-Type' => 'application/json'}, [body.to_json]]
        throw :warden
      end
    end
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
devise_oauth2_rails4-2.1.8 lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-2.1.7 lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-2.1.6 lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb
devise_oauth2_rails4-2.1.5 lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb