Class: Grape::OAuth2::Strategies::AuthorizationCode

Inherits:
Base
  • Object
Defined in:
lib/grape_oauth2/strategies/authorization_code.rb

Overview

Auth Code strategy class. Processes the request and responds with a Token or a Code, depending on the requested response type.

Class Method Summary

Methods inherited from Base

authenticate_client, authenticate_resource_owner, config, expose_to_bearer_token, scopes_from

Class Method Details

.process(request, response) ⇒ Object

Processes Authorization request.



# File 'lib/grape_oauth2/strategies/authorization_code.rb', line 10

def process(request, response)
  client = authenticate_client(request)
  request.bad_request! if client.nil?

  response.redirect_uri = request.verify_redirect_uri!(client.redirect_uri)

  # TODO: verify scopes if they valid
  # scopes = request.scope
  # request.invalid_scope! "Unknown scope: #{scope}"

  case request.response_type
  when :code
    # resource owner can't be nil!
    authorization_code = config.access_grant_class.create_for(client, nil, response.redirect_uri)
    response.code = authorization_code.token
  when :token
    # resource owner can't be nil!
    access_token = config.access_token_class.create_for(client, nil, scopes_from(request))
    response.access_token = expose_to_bearer_token(access_token)
  end

  response.approve!
  response
end
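
The TODO in `process` leaves the requested scopes unverified before a code or token is issued. One way to implement that check, as an added example that is not part of grape_oauth2: `ScopeCheck`, `InvalidScope` and the `allowed:`/`default:` parameters are hypothetical names, and the token grammar is the one from RFC 6749 section 3.3.

```ruby
# Added example: stand-alone scope verification, not grape_oauth2 code.
# ScopeCheck, InvalidScope, allowed: and default: are hypothetical names.
module ScopeCheck
  class InvalidScope < StandardError; end

  # RFC 6749 section 3.3: scope-token = 1*( %x21 / %x23-5B / %x5D-7E )
  # (printable ASCII without space, double quote and backslash).
  SCOPE_TOKEN = /\A[\x21\x23-\x5B\x5D-\x7E]+\z/

  # raw     - value of the "scope" request parameter (String or nil)
  # allowed - scopes this client is permitted to request
  # default - scopes granted when the parameter is omitted
  #
  # Returns the de-duplicated requested scopes, or raises InvalidScope
  # so the caller can answer with an invalid_scope error instead of
  # issuing a code or token.
  def self.verify!(raw, allowed:, default: [])
    return default.dup if raw.nil? || raw.empty?
    raise InvalidScope, 'scope is not valid UTF-8' unless raw.valid_encoding?

    # Tokens are separated by exactly one space; limit -1 keeps empty
    # fields so leading, trailing or doubled spaces are rejected below.
    requested = raw.split(/ /, -1)

    malformed = requested.reject { |s| SCOPE_TOKEN.match?(s) }
    unless malformed.empty?
      # inspect escapes control characters before they reach logs
      raise InvalidScope, "Malformed scope: #{malformed.first.inspect}"
    end

    unknown = requested.uniq - allowed
    unless unknown.empty?
      raise InvalidScope, "Unknown scope: #{unknown.map(&:inspect).join(', ')}"
    end

    requested.uniq
  end
end

# Constructed sample input
granted = ScopeCheck.verify!('read write read', allowed: %w[read write])
puts granted.join(' ')
```

Running the check before the `case request.response_type` branch means a rejected scope never results in a stored grant or token.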