Class: OAuth2::Provider::Rack::AccessTokenHandler

Inherits:
Object
  • Object
Defined in:
lib/oauth2/provider/rack/access_token_handler.rb


Constructor Details

#initialize(app, env) ⇒ AccessTokenHandler

Returns a new instance of AccessTokenHandler.



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 5

# Builds a handler for one token-endpoint request.
#
# The request object is not constructed here: it is read from env['oauth2'],
# so something earlier in the stack must already have stored it there
# (presumably an upstream middleware - confirm against the caller). When the
# key is absent @request is nil.
#
# @param app [Object] the Rack application; only stored by this method
# @param env [Hash] the Rack environment of the current request
def initialize(app, env)
  @app, @env = app, env
  @request = env['oauth2']
end

Instance Attribute Details

#app ⇒ Object (readonly)

Returns the value of attribute app.



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 3

# Reader for @app, the first argument passed to the constructor.
#
# @return [Object] the stored Rack application
def app
  @app
end

#env ⇒ Object (readonly)

Returns the value of attribute env.



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 3

# Reader for @env, the Rack environment passed to the constructor.
#
# @return [Object] the stored environment
def env
  @env
end

#request ⇒ Object (readonly)

Returns the value of attribute request.



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 3

# Reader for @request, which the constructor takes from env['oauth2'].
# Every parameter the handler acts on is read through this object, so its
# params are client-controlled input.
#
# @return [Object, nil] the request object, or nil if env had no 'oauth2' entry
def request
  @request
end

Instance Method Details

#block_invalid_clients ⇒ Object



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 84

# Authenticates the client and checks it may use the requested grant type.
#
# Returns nil when the request may proceed, so that the `||` chain in
# #process moves on to the grant handler; any other return value is an error
# response. As a side effect the looked-up client is stored in @oauth_client
# (nil when no client matched), which is what #oauth_client later returns.
#
# NOTE(review): the presented secret is handed straight to the finder, so the
# comparison happens inside client_class. Confirm there how secrets are stored
# and compared. Client credentials are only read from the request parameters
# here.
#
# @return [Object, nil] an error response, or nil for an accepted client
def block_invalid_clients
  with_required_params 'grant_type', 'client_id', 'client_secret' do |grant_type, client_id, client_secret|
    @oauth_client = OAuth2::Provider.client_class.find_by_oauth_identifier_and_oauth_secret(client_id, client_secret)

    # Unknown identifier or wrong secret: both give the same error.
    next Responses.json_error('invalid_client') if @oauth_client.nil?
    # Known client, but not permitted to use this grant type.
    next Responses.json_error('unauthorized_client') unless @oauth_client.allow_grant_type?(grant_type)

    nil
  end
end

#block_unsupported_grant_types ⇒ Object



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 76

# Rejects a grant_type for which this object has no handler method.
#
# A grant type counts as supported when the object responds to the name built
# by #grant_type_handler_method, private methods included (second argument
# `true`). This is the only check standing between the client-supplied
# grant_type and the `send` in #handle_grant_type, so any method whose name
# fits that pattern is treated as a grant handler.
#
# @return [Object, nil] an error response, or nil when a handler exists
def block_unsupported_grant_types
  with_required_params 'grant_type' do |grant_type|
    handler_name = grant_type_handler_method(grant_type)
    Responses.json_error 'unsupported_grant_type' unless respond_to?(handler_name, true)
  end
end

#grant_type_handler_method(grant_type) ⇒ Object



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 99

# Maps a grant type to the name of the method that handles it.
#
# The value is inserted as-is (via its string form) between a fixed prefix and
# suffix; nothing is normalised or validated here. Callers in this class pass
# the client-supplied grant_type parameter.
#
# @param grant_type [Object] the grant type, normally a String
# @return [String] "handle_<grant_type>_grant_type"
def grant_type_handler_method(grant_type)
  format('handle_%s_grant_type', grant_type)
end

#handle_authorization_code_grant_type ⇒ Object



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 35

# Exchanges an authorization code for a token.
#
# The code is claimed through the authenticated client's own
# authorization_codes collection, together with the redirect_uri the client
# presents. Whether the code is single-use, unexpired and bound to that
# redirect_uri is decided inside `claim`, which is not visible here.
#
# @return [Object] the token response, or an 'invalid_grant' error response
def handle_authorization_code_grant_type
  with_required_params 'code', 'redirect_uri' do |code, redirect_uri|
    token = oauth_client.authorization_codes.claim(code, redirect_uri)
    token ? token_response(token) : Responses.json_error('invalid_grant')
  end
end

#handle_grant_type ⇒ Object



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 19

# Dispatches to the handler method for the request's grant_type.
#
# The method name is derived from a client-supplied parameter and invoked with
# `send`. This method performs no validation of its own: #process runs
# #block_unsupported_grant_types and #block_invalid_clients first, and those
# are the only checks on the value. Because of the fixed
# "handle_..._grant_type" affixes, only methods following that naming pattern
# are reachable, so that pattern should be reserved for grant handlers.
#
# @return [Object] whatever the selected handler returns
# @raise [NoMethodError] if no method with the derived name exists
def handle_grant_type
  handler_name = grant_type_handler_method(request.params["grant_type"])
  send(handler_name)
end

#handle_password_grant_type ⇒ Object



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 23

# Resource-owner password grant: verifies the owner's credentials and issues
# a token.
#
# On success a new authorization record (owner + authenticated client) and a
# new access token are created on every call. On failure the response is
# 'invalid_grant'.
#
# NOTE(review): nothing in this method limits repeated failed attempts;
# confirm that throttling or lockout is applied in
# authenticate_with_username_and_password or in front of this endpoint.
#
# @return [Object] the token response, or an 'invalid_grant' error response
def handle_password_grant_type
  with_required_params 'username', 'password' do |username, password|
    resource_owner = OAuth2::Provider.resource_owner_class.authenticate_with_username_and_password(username, password)
    next Responses.json_error('invalid_grant') unless resource_owner

    token_class = OAuth2::Provider.access_token_class
    authorization = OAuth2::Provider.authorization_class.create!(:resource_owner => resource_owner, :client => oauth_client)
    token_response token_class.create!(:authorization => authorization)
  end
end

#handle_refresh_token_grant_type ⇒ Object



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 45

# Exchanges a refresh token for a new token.
#
# The lookup goes through the authenticated client's own access_tokens
# collection, so the refresh token is resolved in that client's scope.
# Whether the old token is revoked or the refresh token rotated is decided in
# `refresh_with`, which is not visible here.
#
# @return [Object] the token response, or an 'invalid_grant' error response
def handle_refresh_token_grant_type
  with_required_params 'refresh_token' do |refresh_token|
    token = oauth_client.access_tokens.refresh_with(refresh_token)
    token ? token_response(token) : Responses.json_error('invalid_grant')
  end
end

#oauth_client ⇒ Object



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 95

# Reader for @oauth_client, which #block_invalid_clients assigns from the
# client lookup. It is nil until that method has run, and also nil when the
# lookup found no matching client, so the grant handlers depend on
# #block_invalid_clients having accepted the request first.
#
# @return [Object, nil] the authenticated client, or nil
def oauth_client
  @oauth_client
end

#process ⇒ Object



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 11

# Entry point: handles one token-endpoint request.
#
# Only POST is served. For a POST the three steps run in a fixed order and the
# first non-nil result wins:
#   1. #block_unsupported_grant_types - is there a handler for grant_type?
#   2. #block_invalid_clients         - client authentication and grant permission
#   3. #handle_grant_type             - the grant-specific handler
# The order is what keeps the grant handlers from running for an
# unauthenticated client; each blocking step must return nil to let the next
# one run.
#
# @return [Object] the response produced by the first step that returns one
def process
  return Responses.only_supported('POST') unless request.post?

  block_unsupported_grant_types || block_invalid_clients || handle_grant_type
end

#token_response(token) ⇒ Object



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 69

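# Builds the 200 JSON response that carries an issued token.
#
# The body is token.as_json, plus the request's 'state' parameter echoed back
# under :state when one was sent. That value is client-supplied and is only
# ever emitted through the JSON encoder.
#
# The response contains credentials, so it must not be cached. RFC 6749
# section 5.1 requires "Cache-Control: no-store" together with
# "Pragma: no-cache"; the Pragma header is added here alongside the existing
# Cache-Control value.
#
# @param token [#as_json] the issued token
# @return [Array] Rack response triple: status, headers, body
def token_response(token)
  payload = token.as_json
  state = request.params['state']
  payload[:state] = state if state

  headers = {
    'Content-Type' => 'application/json',
    'Cache-Control' => 'no-cache, no-store, max-age=0, must-revalidate',
    'Pragma' => 'no-cache'
  }
  [200, headers, [ActiveSupport::JSON.encode(payload)]]
end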

#with_required_params(*names, &block) ⇒ Object



# File 'lib/oauth2/provider/rack/access_token_handler.rb', line 55

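# Yields the values of the named request parameters, or returns an
# 'invalid_request' error response without yielding.
#
# Two checks are made before the block runs:
#   * every name must be present among the request parameters;
#   * every value must be a String. Bracketed parameter names (name[]=v,
#     name[k]=v) are commonly parsed into Arrays and Hashes, and a key sent
#     without a value can parse to nil. Without this check such values would
#     be passed on to the finder / claim / authenticate calls made by the
#     callers' blocks. (Assumes request.params is parsed that way - confirm.)
#
# @param names [Array<String>] required parameter names, in yield order
# @yield [*values] the parameter values, in the order of +names+
# @return [Object] the block's result, or an 'invalid_request' error response
def with_required_params(*names, &block)
  params = request.params

  # "'a' parameter" for one name, "'a', 'b' parameters" for several.
  describe = lambda do |list|
    quoted = list.map { |name| "'#{name}'" }.join(", ")
    "#{quoted} #{list.size == 1 ? 'parameter' : 'parameters'}"
  end

  missing_params = names - params.keys
  unless missing_params.empty?
    return Responses.json_error('invalid_request', :description => "missing #{describe.call(missing_params)}")
  end

  values = params.values_at(*names)
  malformed_params = names.zip(values).reject { |_name, value| value.is_a?(String) }.map(&:first)
  unless malformed_params.empty?
    return Responses.json_error('invalid_request', :description => "malformed #{describe.call(malformed_params)}")
  end

  yield(*values)
end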