Class: GrapeSimpleAuth::Oauth2

Inherits:

Grape::Middleware::Base

• Object
• Grape::Middleware::Base
• GrapeSimpleAuth::Oauth2

Defined in:

lib/grape_simple_auth/oauth2.rb

Instance Attribute Summary

• #auth_strategy ⇒ Object readonly

  Returns the value of attribute auth_strategy.

Instance Method Summary

• #auth_scopes ⇒ Object
• #authorize!(*scopes) ⇒ Object
• #before ⇒ Object

  Grape middleware methods.

• #context ⇒ Object
• #endpoint_protected? ⇒ Boolean

  Authorization control.

• #request ⇒ Object
• #the_request=(env) ⇒ Object
• #token ⇒ Object

Instance Attribute Details

#auth_strategy ⇒ Object (readonly)

Returns the value of attribute auth_strategy.

# File 'lib/grape_simple_auth/oauth2.rb', line 5

def auth_strategy
  @auth_strategy
end

Instance Method Details

#auth_scopes ⇒ Object

# File 'lib/grape_simple_auth/oauth2.rb', line 36

def auth_scopes
  return *nil unless auth_strategy.has_auth_scopes?
  auth_strategy.auth_scopes
end

#authorize!(*scopes) ⇒ Object

Raises:

• (GrapeSimpleAuth::Errors::InvalidToken)

# File 'lib/grape_simple_auth/oauth2.rb', line 41

def authorize!(*scopes)
  response = HTTParty.get(GrapeSimpleAuth.verify_url, {query: {access_token: token}})
  if response.code == 200
    scopes = response.parsed_response["data"]["credential"]["scopes"]
    unless auth_strategy.auth_scopes & scopes == auth_strategy.auth_scopes
      raise GrapeSimpleAuth::Errors::InvalidScope
    end
    return response
  end
  raise GrapeSimpleAuth::Errors::InvalidToken
end

#before ⇒ Object

Grape middleware methods

# File 'lib/grape_simple_auth/oauth2.rb', line 57

def before
  set_auth_strategy(GrapeSimpleAuth.auth_strategy)
  auth_strategy.api_context = context
  context.extend(GrapeSimpleAuth::AuthMethods)

  context.protected_endpoint = endpoint_protected?
  return unless context.protected_endpoint?

  self.the_request = env
  resp = authorize!(*auth_scopes)
  context.the_access_token = token
  context.current_user = resp.parsed_response["data"]["info"] rescue nil
  context.credentials = resp.parsed_response["data"]["credential"] rescue nil
end

#context ⇒ Object

# File 'lib/grape_simple_auth/oauth2.rb', line 7

def context
  env['api.endpoint']
end

#endpoint_protected? ⇒ Boolean

Authorization control.

Returns:

• (Boolean)

# File 'lib/grape_simple_auth/oauth2.rb', line 32

def endpoint_protected?
  auth_strategy.endpoint_protected?
end

#request ⇒ Object

# File 'lib/grape_simple_auth/oauth2.rb', line 15

def request
  @_the_request
end

#the_request=(env) ⇒ Object

# File 'lib/grape_simple_auth/oauth2.rb', line 11

def the_request=(env)
  @_the_request = ActionDispatch::Request.new(env)
end

#token ⇒ Object

# File 'lib/grape_simple_auth/oauth2.rb', line 19

def token
  token = if request.headers["Authorization"].present?
    request.headers["Authorization"].include?("bearer") ? request.headers["Authorization"].try("split", "bearer").try(:last).try(:strip) : request.headers["Authorization"]
  else
    request.parameters["access_token"]
  end
end