app/controllers/devise/oauth2/authorization.rb in devise_oauth2_rails4-2.1.6 vs app/controllers/devise/oauth2/authorization.rb in devise_oauth2_rails4-2.1.7
- old
+ new
@@ -5,9 +5,11 @@
def current_oauth2_client(opts: { secure: false })
return @secure_client ||= Client.find_by(secret: client_secret) if opts[:secure]
return @secure_client ||= Client.find_by(id: current_access_token.client_id) if valid_access_token?
@client ||= Client.find_by('identifier = :client_id OR secret = :secret', client_id: client_id, secret: client_secret) if client_credentials?
+ Client.find_by(:identifier => client_id, :secret => secret)
+ Client.find_by('identifier = ? OR secret = ?', client_id, secret)
end
def current_access_token
@access_token ||= AccessToken.find_by(token: access_token) if access_token?
end