Class: OauthTokenController
- Inherits:
-
ApplicationController
- Object
- ApplicationController
- OauthTokenController
- Defined in:
- app/controllers/oauth_token_controller.rb
Overview
Copyright © 2010 ThoughtWorks Inc. (thoughtworks.com) Licenced under the MIT License (www.opensource.org/licenses/mit-license.php)
Instance Method Summary
Methods included from Oauth2::Provider::TransactionHelper
Methods included from Oauth2::Provider::SslHelper
Instance Method Details
#get_token ⇒ Object
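# File 'app/controllers/oauth_token_controller.rb', line 12

# Token endpoint: exchanges an authorization code or a refresh token for an
# access token and renders the token attributes as JSON.
#
# Request parameters read: :grant_type ('authorization-code' or
# 'refresh-token'), :client_id, :client_secret, :redirect_uri, and :code or
# :refresh_token. Every failure is reported through render_error and ends the
# action without issuing a token.
#
# Security notes:
# * The authorization code and the refresh token named in the request are
#   destroyed before any validation runs, so a presented credential is
#   single-use even when the request is rejected afterwards. A request that
#   fails client authentication therefore still invalidates them; keep that
#   ordering in mind when reordering the checks.
# * The client secret is compared without short-circuiting on the first
#   differing byte, and a missing secret on either side never authenticates.
def get_token
  # Look up and immediately burn the authorization code, if one was presented.
  authorization = Oauth2::Provider::OauthAuthorization.find_one(:code, params[:code])
  authorization.destroy unless authorization.nil?

  # Same for the refresh token: the old token is gone from this point on.
  original_token = Oauth2::Provider::OauthToken.find_one(:refresh_token, params[:refresh_token])
  original_token.destroy unless original_token.nil?

  unless ['authorization-code', 'refresh-token'].include?(params[:grant_type])
    render_error('unsupported-grant-type', "Grant type #{params[:grant_type]} is not supported!")
    return
  end

  client = Oauth2::Provider::OauthClient.find_one(:client_id, params[:client_id])

  # Client authentication. Only a String parameter is accepted (params may
  # also carry arrays or hashes), and nil on either side is a mismatch.
  expected_secret = client.nil? ? nil : client.client_secret
  supplied_secret = params[:client_secret]
  credentials_ok = !expected_secret.nil? && supplied_secret.is_a?(String)
  if credentials_ok
    expected_bytes = expected_secret.to_s.bytes.to_a
    supplied_bytes = supplied_secret.bytes.to_a
    # OR together the XOR of every byte pair so the time taken does not
    # depend on where the first difference is.
    credentials_ok = expected_bytes.size == supplied_bytes.size &&
      expected_bytes.zip(supplied_bytes).inject(0) { |diff, (a, b)| diff | (a ^ b) }.zero?
  end

  unless credentials_ok
    render_error('invalid-client-credentials', 'Invalid client credentials!')
    return
  end

  # The redirect URI must match the registered one exactly.
  if client.redirect_uri != params[:redirect_uri]
    render_error('invalid-grant', 'Redirect uri mismatch!')
    return
  end

  if params[:grant_type] == 'authorization-code'
    # The code must exist, be unexpired and belong to the authenticated client.
    if authorization.nil? || authorization.expired? || authorization.oauth_client.id != client.id
      render_error('invalid-grant', "Authorization expired or invalid!")
      return
    end
    token = authorization.generate_access_token
  else # refresh-token
    # The refresh token must exist and belong to the authenticated client.
    if original_token.nil? || original_token.oauth_client.id != client.id
      render_error('invalid-grant', 'Refresh token is invalid!')
      return
    end
    # refresh is called on the record destroyed above; presumably it issues a
    # replacement token - confirm in the OauthToken model.
    token = original_token.refresh
  end

  # NOTE(review): token responses should not be cached; confirm that a
  # Cache-Control: no-store header is set by a filter, or add one here.
  render :content_type => 'application/json', :text => token.access_token_attributes.to_json
end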