Class: OohAuth::Tokens
- Inherits:
-
Application
- Object
- Merb::Controller
- Application
- OohAuth::Tokens
- Defined in:
- app/controllers/tokens.rb
Instance Method Summary collapse
-
#create(token) ⇒ Object
Activates an authentication receipt, converting it into a token the authenticating client can use in future requests.
-
#destroy(id) ⇒ Object
def show(id) @token = ::Authentication.get(id) raise NotFound unless @token display @token end.
-
#index ⇒ Object
Main action used for starting the authorisation process (desktop clients) and finishing it (web clients).
- #new ⇒ Object
Instance Method Details
#create(token) ⇒ Object
Activates an authentication receipt, converting it into a token the authenticating client can use in future requests.
61 62 63 64 65 66 67 68 69 70 |
# File 'app/controllers/tokens.rb', line 61 def create(token) only_provides :html commit = (params[:commit]=="allow") # Did they click the allow or the deny button? ENQUIRING MINDS NEED TO KNOW! raise NotFound unless @token = OohAuth::Token.get_token(request.token) # The oauth_token is now in the post body. raise NotFound unless @authenticating_client = @token.authenticating_client # Stop right there, criminal scum. @activated = @token.activate!(session.user, token[:expires], token[:permissions]) if commit redirect("#{request.callback}#{(request.callback["?"])? "&" : "?"}oauth_token=#{@token.token_key}") if commit and request.callback # the callback is in the post body display @token, :create end |
#destroy(id) ⇒ Object
def show(id)
@token = ::Authentication.get(id)
raise NotFound unless @token
display @token
end
def edit(id)
only_provides :html
@token = OohAuth::Token.get(id)
raise NotFound unless @token
display @token
end
def update(id, token)
@token = OohAuth::Token.get(id)
raise NotFound unless @token
if @token.update_attributes(authentication)
redirect slice_url(:tokens, @token)
else
display @token, :edit
end
end
95 96 97 98 99 100 101 102 103 |
# File 'app/controllers/tokens.rb', line 95 def destroy(id) @token = OohAuth::Token.get(id) raise NotFound unless @token and @token.user_id == session.user.id if @token.destroy redirect slice_url(:tokens) else raise InternalServerError end end |
#index ⇒ Object
Main action used for starting the authorisation process (desktop clients) and finishing it (web clients)
27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
# File 'app/controllers/tokens.rb', line 27 def index if session.authenticated? only_provides :html # Authenticated requests should show the list @tokens = OohAuth::Token.find_for_user(session.user) render :index elsif request.signed? # Unauthenticated but signed requests should provision tokens raise NotAcceptable unless @authenticating_client = request.authenticating_client if @token = request.authentication_token # If client and request key, give the activated token if it was activated. raise NotAcceptable unless @token.authenticating_client == @authenticating_client else # Generate a request key @token = OohAuth::Token.create_request_key(@authenticating_client) end # # Okay, no error raised. Gogo render. display @token, :show, :layout=>false else # All other requests we DO NOT WANT raise NotAcceptable end end |