Module: OAuth::Controllers::ProviderController

Included in:
OauthController
Defined in:
lib/oauth/controllers/provider_controller.rb

Class Method Summary

Instance Method Summary

Class Method Details

.included(controller) ⇒ Object



# File 'lib/oauth/controllers/provider_controller.rb', line 6

# Hook invoked with the controller this module is mixed into; it declares the
# filters that guard the provider actions on that controller.
#
# Declaration order is kept as-is because filters run in the order they are
# registered.
def self.included(controller)
  controller.class_eval do
    # Actions driven by a logged-in user in a browser session.
    before_filter :login_required, :only => [:authorize, :revoke]

    # Each protocol endpoint is bound to one OAuth strategy. :interactive => false
    # is set on the endpoints meant for client software rather than a person.
    oauthenticate :only => [:test_request]
    oauthenticate :strategies => :token, :interactive => false, :only => [:invalidate, :capabilities]
    oauthenticate :strategies => :two_legged, :interactive => false, :only => [:request_token]
    oauthenticate :strategies => :oauth10_request_token, :interactive => false, :only => [:access_token]

    # These endpoints skip the Rails authenticity-token check. All but :token
    # have an oauthenticate filter above; :token has none and relies on the
    # client_secret check inside the action. :authorize and :revoke are not in
    # this list, so the authenticity-token filter is not skipped for them.
    csrf_exempt_actions = [:request_token, :access_token, :invalidate, :test_request, :token]
    skip_before_filter :verify_authenticity_token, :only => csrf_exempt_actions
  end
end

Instance Method Details

#access_token ⇒ Object



# File 'lib/oauth/controllers/provider_controller.rb', line 26

# Calls exchange! on the current token and renders the result as a query
# string; answers 401 with an empty body when there is no current token or
# the exchange returns nothing.
#
# NOTE(review): presumably current_token is the request token accepted by the
# :oauth10_request_token strategy declared for this action — confirm.
def access_token
  @token = current_token && current_token.exchange!
  return render(:nothing => true, :status => 401) unless @token

  render :text => @token.to_query
end

#authorize ⇒ Object



# File 'lib/oauth/controllers/provider_controller.rb', line 55

# User-facing authorization step, shared by OAuth 1 and OAuth 2.
#
# * With an oauth_token parameter: loads the matching RequestToken and hands
#   over to oauth1_authorize.
# * Otherwise, on POST: builds an Authorizer from the current user, the
#   user's decision and the request parameters, then redirects to the URI
#   it returns.
# * Otherwise: looks up the client by client_id and renders the
#   "oauth2_authorize" view.
def authorize
  if params[:oauth_token]
    @token = ::RequestToken.find_by_token!(params[:oauth_token])
    oauth1_authorize
  elsif request.post?
    @authorizer = OAuth::Provider::Authorizer.new(current_user, user_authorizes_token?, params)
    # NOTE(review): the redirect target is computed by the Authorizer from
    # request parameters. Confirm it only ever returns a callback registered
    # for the client application, otherwise this is an open redirect that
    # also carries the authorization result.
    redirect_to @authorizer.redirect_uri
  else
    @client_application = ClientApplication.find_by_key!(params[:client_id])
    render :action => "oauth2_authorize"
  end
end

#capabilities ⇒ Object

Capabilities of current_token



# File 'lib/oauth/controllers/provider_controller.rb', line 86

# Reports what the current token can do, as JSON or XML.
#
# Uses the token's own #capabilities when it defines one; otherwise the only
# capability advertised is the URL of the invalidate action.
def capabilities
  @capabilities =
    if current_token.respond_to?(:capabilities)
      current_token.capabilities
    else
      { :invalidate => url_for(:action => :invalidate) }
    end

  respond_to do |format|
    format.json { render :json => @capabilities }
    format.xml  { render :xml => @capabilities }
  end
end

#invalidate ⇒ Object

Invalidate current token



# File 'lib/oauth/controllers/provider_controller.rb', line 80

# Invalidates the token that authenticated this request and answers with a
# body-less 410 response.
def invalidate
  presented_token = current_token
  presented_token.invalidate!
  head(:status => 410)
end

#request_token ⇒ Object



# File 'lib/oauth/controllers/provider_controller.rb', line 17

# Asks the current client application for a new request token and renders it
# as a query string; answers 401 with an empty body when none is created.
#
# NOTE(review): the whole params hash is handed to create_request_token.
# Confirm that method reads only the fields it expects.
def request_token
  @token = current_client_application.create_request_token(params)
  return render(:nothing => true, :status => 401) unless @token

  render :text => @token.to_query
end

#revoke ⇒ Object



# File 'lib/oauth/controllers/provider_controller.rb', line 70

# Lets the logged-in user revoke one of their tokens, then returns them to
# the client list.
#
# The lookup goes through current_user.tokens, so the token parameter can
# only select a token in that user's own collection.
def revoke
  own_tokens = current_user.tokens
  @token = own_tokens.find_by_token!(params[:token])

  # NOTE(review): a bang finder presumably raises when nothing matches, which
  # would make this guard always true — confirm before removing it.
  if @token
    @token.invalidate!
    # NOTE(review): the client application's name goes into the flash
    # message. Confirm the view that displays the flash escapes it.
    flash[:notice] = "You've revoked the token for #{@token.client_application.name}"
  end

  redirect_to(oauth_clients_url)
end

#test_request ⇒ Object



# File 'lib/oauth/controllers/provider_controller.rb', line 51

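# Echoes the request parameters back as "key=value" pairs joined by "&".
# Presumably a diagnostic endpoint for clients checking that their requests
# pass the oauthenticate filter declared for this action.
def test_request
  echoed = params.collect { |key, value| "#{key}=#{value}" }.join("&")
  # The body consists entirely of caller-supplied names and values. Label it
  # text/plain so a browser shows it verbatim instead of parsing it as markup
  # (render :text does not set a plain-text content type on its own).
  render :text => echoed, :content_type => "text/plain"
end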

#token ⇒ Object



# File 'lib/oauth/controllers/provider_controller.rb', line 35

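# OAuth 2 token endpoint. Authenticates the client application from the
# client_id / client_secret parameters, then dispatches to the
# oauth2_token_<grant_type> handler for a supported grant type.
#
# Responds through oauth2_error with "invalid_client" when the secret does
# not match and with "unsupported_grant_type" for any other grant type.
#
# This action has no oauthenticate filter and is exempt from the
# authenticity-token check, so the secret comparison below is the only
# authentication it performs.
def token
  @client_application = ClientApplication.find_by_key! params[:client_id]

  expected = @client_application.secret.to_s
  supplied = params[:client_secret]
  # An absent or nested parameter (nil, Array, Hash) counts as "no secret".
  supplied = "" unless supplied.is_a?(String)

  # Fold every byte into one accumulator instead of using !=, so the time
  # taken does not depend on where the first differing byte sits.
  mismatch = expected.bytesize ^ supplied.bytesize
  expected.bytes.to_a.zip(supplied.bytes.to_a) { |want, got| mismatch |= want ^ (got || 0) }

  # Fail closed: an application without a stored secret must not be
  # authenticated by a request that simply omits client_secret.
  if expected.empty? || mismatch != 0
    oauth2_error "invalid_client"
    return
  end

  # older drafts used none for client_credentials
  params[:grant_type] = 'client_credentials' if params[:grant_type] == 'none'
  # inspect keeps a caller-supplied value from injecting line breaks into the log.
  logger.info "grant_type=#{params[:grant_type].inspect}"

  # The allowlist is what makes the dynamic send below safe: only these three
  # handler names can ever be built from the request.
  if ["authorization_code", "password", "client_credentials"].include?(params[:grant_type])
    send "oauth2_token_#{params[:grant_type].underscore}"
  else
    oauth2_error "unsupported_grant_type"
  end
end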