Class: Grape::OAuth2::Strategies::AuthorizationCode
- Defined in:
- lib/grape_oauth2/strategies/authorization_code.rb
Overview
Auth Code strategy class. Processes request and responds with Token or Code (depend on requested response type).
Class Method Summary collapse
-
.process(request, response) ⇒ Object
Processes Authorization request.
Methods inherited from Base
authenticate_client, authenticate_resource_owner, config, expose_to_bearer_token, scopes_from
Class Method Details
.process(request, response) ⇒ Object
Processes Authorization request.
10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 |
# File 'lib/grape_oauth2/strategies/authorization_code.rb', line 10 def process(request, response) client = authenticate_client(request) request.bad_request! if client.nil? response.redirect_uri = request.verify_redirect_uri!(client.redirect_uri) # TODO: verify scopes if they valid # scopes = request.scope # request.invalid_scope! "Unknown scope: #{scope}" case request.response_type when :code # resource owner can't be nil! = config.access_grant_class.create_for(client, nil, response.redirect_uri) response.code = .token when :token # resource owner can't be nil! access_token = config.access_token_class.create_for(client, nil, scopes_from(request)) response.access_token = expose_to_bearer_token(access_token) end response.approve! response end |