lib/rodauth/features/oauth_base.rb in rodauth-oauth-0.10.2 vs lib/rodauth/features/oauth_base.rb in rodauth-oauth-0.10.3

- old
+ new

@@ -45,10 +45,21 @@ expires_in revoked_at ].each do |column| auth_value_method :"oauth_tokens_#{column}_column", column end + # OAuth Grants + auth_value_method :oauth_grants_table, :oauth_grants + auth_value_method :oauth_grants_id_column, :id + %i[ + account_id oauth_application_id + redirect_uri code scopes access_type + expires_in revoked_at + ].each do |column| + auth_value_method :"oauth_grants_#{column}_column", column + end + # Oauth Token Hash auth_value_method :oauth_tokens_token_hash_column, nil auth_value_method :oauth_tokens_refresh_token_hash_column, nil # Access Token reuse
@@ -158,16 +169,21 @@ super end end # Overrides session_value, so that a valid authorization token also authenticates a request + # TODO: deprecate def session_value - super || begin - return unless authorization_token + super || oauth_token_subject + end - authorization_token[oauth_tokens_account_id_column] - end + def oauth_token_subject + return unless authorization_token + + # TODO: fix this once tokens know which type they were generated with + authorization_token[oauth_tokens_account_id_column] || + authorization_token[oauth_tokens_oauth_application_id_column] end def accepts_json? return true if only_json?
@@ -718,15 +734,10 @@ request.halt end end def authorization_required - if accepts_json? - throw_json_response_error(authorization_required_error_status, "invalid_client") - else - set_redirect_error_flash(require_authorization_error_flash) - redirect(authorize_path) - end + throw_json_response_error(authorization_required_error_status, "invalid_client") end def check_valid_scopes? return false unless scopes
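Review bot: In the second hunk, `oauth_token_subject` can return an OAuth application id, and `session_value` now passes that value through as if it were the account id. In Rodauth `session_value` is the identifier of the logged-in account, so a token row with no account id (the TODO suggests tokens do not yet record which grant produced them) could make the request act as whichever account shares that primary key. Until tokens carry their type, keep the fallback in `session_value` account-only, e.g. `super || (authorization_token && authorization_token[oauth_tokens_account_id_column])`, and let code that wants the client identity call `oauth_token_subject` explicitly. Callers of `session_value` are outside this hunk, so the impact should be confirmed against them.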
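Review bot: In the third hunk, `authorization_required` now answers every caller with the error code `invalid_client`, including requests that previously took the browser redirect branch. If this method is reached when a protected resource gets a missing or unusable access token (its callers are outside the hunk), RFC 6750 section 3.1 names that condition `invalid_token`, while `invalid_client` is the RFC 6749 token-endpoint code for failed client authentication. Clients that branch on the code may then treat a stale token as a credential failure instead of refreshing it. Consider `throw_json_response_error(authorization_required_error_status, "invalid_token")`, plus a comment above the method such as `# Always a JSON error; non-JSON requests are no longer redirected to authorize_path`.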