Class: OohAuth::Tokens

Inherits:
Application
Defined in:
app/controllers/tokens.rb


Instance Method Details

#create(token) ⇒ Object

Activates an authentication receipt, converting it into a token the authenticating client can use in future requests.

Raises:

  • (NotFound)


# File 'app/controllers/tokens.rb', line 61

# Activates an authentication receipt, converting it into a token the
# authenticating client can use in future requests.
#
# @param token hash-like form fields; +:expires+ and +:permissions+ are read
# @raise [NotFound] when no token matches +request.token+, or the matching
#   token has no authenticating client
def create(token)
  only_provides :html
  # Only the literal value "allow" counts as approval; anything else is a denial.
  approved = params[:commit] == "allow"

  # The oauth_token is now in the post body.
  @token = OohAuth::Token.get_token(request.token)
  raise NotFound unless @token
  @authenticating_client = @token.authenticating_client
  raise NotFound unless @authenticating_client

  if approved
    # NOTE(review): session.user is used without an authentication check in this
    # action; presumably a filter outside this listing guarantees a logged-in
    # user -- confirm.
    @activated = @token.activate!(session.user, token[:expires], token[:permissions])
    if request.callback
      # NOTE(review): request.callback comes from the post body and is used as
      # the redirect target as-is; nothing in this action compares it with a
      # value registered for @authenticating_client -- confirm that check
      # exists elsewhere.
      # NOTE(review): token_key is appended without URL-encoding; presumably it
      # is always URL-safe -- verify against the Token model.
      joiner = request.callback["?"] ? "&" : "?"
      redirect("#{request.callback}#{joiner}oauth_token=#{@token.token_key}")
    end
  end

  # Reached on every path, including after redirect has been called above.
  display @token, :create
end

#destroy(id) ⇒ Object

# Looks up a record by id through ::Authentication and displays it.
#
# NOTE(review): the other actions on this page load OohAuth::Token; this one
# reads ::Authentication -- confirm that is the intended model.
# NOTE(review): unlike destroy, nothing here compares the record's owner with
# session.user, so any caller who can reach this action can view any record by
# id -- confirm whether an ownership check is needed.
#
# @param id identifier passed to +::Authentication.get+
# @raise [NotFound] when the lookup returns nothing
def show(id)
  found = ::Authentication.get(id)
  @token = found
  raise NotFound unless found

  display(@token)
end

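# Loads one of the current user's tokens and displays it (HTML only).
#
# @param id identifier passed to +OohAuth::Token.get+
# @raise [NotFound] when no token has that id, or the token belongs to a
#   different user
def edit(id)
  only_provides :html
  @token = OohAuth::Token.get(id)
  # Same ownership rule destroy applies: a token owned by someone else is
  # reported as missing instead of being displayed, so ids cannot be used to
  # read other users' tokens.
  raise NotFound unless @token && @token.user_id == session.user.id

  display @token
end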

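# Applies submitted attributes to one of the current user's tokens.
#
# Redirects to the token's URL when the update succeeds, otherwise displays
# the token again with the :edit template.
#
# @param id identifier passed to +OohAuth::Token.get+
# @param token submitted attributes, handed to +update_attributes+
# @raise [NotFound] when no token has that id, or the token belongs to a
#   different user
def update(id, token)
  @token = OohAuth::Token.get(id)
  # Same ownership rule destroy applies: only the token's owner may change it.
  raise NotFound unless @token && @token.user_id == session.user.id

  # The submitted attributes are the +token+ parameter; the name
  # +authentication+ used here before is not defined in this action.
  # NOTE(review): the whole submitted hash is passed through; confirm the model
  # limits which attributes can be set this way (owner, key and client fields
  # should not be writable from a form).
  if @token.update_attributes(token)
    redirect slice_url(:tokens, @token)
  else
    display @token, :edit
  end
end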

Raises:

  • (NotFound)


# File 'app/controllers/tokens.rb', line 95

# Deletes one of the current user's tokens and redirects to the token list.
#
# @param id identifier passed to +OohAuth::Token.get+
# @raise [NotFound] when no token has that id, or its user_id differs from
#   the session user's id
# @raise [InternalServerError] when the token's +destroy+ call returns a
#   falsy value
def destroy(id)
  @token = OohAuth::Token.get(id)
  # A token owned by someone else is reported exactly like a missing one.
  owned = @token && @token.user_id == session.user.id
  raise NotFound unless owned
  raise InternalServerError unless @token.destroy

  redirect slice_url(:tokens)
end

#index ⇒ Object

Main action used for starting the authorisation process (desktop clients) and finishing it (web clients)



# File 'app/controllers/tokens.rb', line 27

# Main action used for starting the authorisation process (desktop clients)
# and finishing it (web clients).
#
# An authenticated session gets the HTML list of that user's tokens; the
# signature of the request is not consulted on that path. An unauthenticated
# but signed request gets a token rendered with the :show template and no
# layout: the token attached to the request when there is one, otherwise a
# newly created request key.
#
# @raise [NotAcceptable] when the request is neither authenticated nor signed,
#   when a signed request has no authenticating client, or when the supplied
#   token belongs to a different client
def index
  if session.authenticated?
    only_provides :html
    # Authenticated requests should show the list.
    @tokens = OohAuth::Token.find_for_user(session.user)
    return render(:index)
  end

  # All requests that are neither authenticated nor signed are refused.
  raise NotAcceptable unless request.signed?

  # Unauthenticated but signed requests should provision tokens.
  @authenticating_client = request.authenticating_client
  raise NotAcceptable unless @authenticating_client

  @token = request.authentication_token
  if @token
    # A token supplied with the request must belong to the signing client.
    raise NotAcceptable unless @token.authenticating_client == @authenticating_client
  else
    # No token supplied: generate a request key for this client.
    @token = OohAuth::Token.create_request_key(@authenticating_client)
  end

  display(@token, :show, :layout => false)
end

#new ⇒ Object



# File 'app/controllers/tokens.rb', line 51

# Displays the :new template for the token whose token_key equals
# +request.token+ (HTML only).
#
# NOTE(review): create resolves the same request value through
# OohAuth::Token.get_token and raises NotFound, while this action uses
# OohAuth::Token.first(:token_key => ...) and raises NotAcceptable -- confirm
# both lookups apply the same validity rules to the token.
#
# @raise [NotAcceptable] when no token matches, or the matching token has no
#   authenticating client
def new
  only_provides :html

  @token = OohAuth::Token.first(:token_key => request.token)
  raise NotAcceptable unless @token

  @authenticating_client = @token.authenticating_client
  raise NotAcceptable unless @authenticating_client

  display @token, :new
end