Class: Doorkeeper::Config

Inherits:

Object

• Object
• Doorkeeper::Config

Extended by:

Option

Includes:

Validations

Defined in:

lib/doorkeeper/config.rb,
lib/doorkeeper/config/option.rb,
lib/doorkeeper/config/validations.rb,
lib/doorkeeper/config/abstract_builder.rb

Overview

Doorkeeper option DSL could be reused in extensions to build their own configurations. To use the Option DSL gems need to define ‘builder_class` method that returns configuration Builder class. This exception raises when they don’t define it.

Defined Under Namespace

Modules: Option, Validations Classes: AbstractBuilder, Builder

Instance Attribute Summary

• #application_secret_fallback_strategy ⇒ Object readonly

  Returns the value of attribute application_secret_fallback_strategy.

• #reuse_access_token ⇒ Object readonly

  Returns the value of attribute reuse_access_token.

• #token_secret_fallback_strategy ⇒ Object readonly

  Returns the value of attribute token_secret_fallback_strategy.

Instance Method Summary

• #access_grant_model ⇒ ActiveRecord::Base, ...

  Doorkeeper Access Grant model class.

• #access_token_methods ⇒ Object
• #access_token_model ⇒ ActiveRecord::Base, ...

  Doorkeeper Access Token model class.

• #allow_blank_redirect_uri?(application = nil) ⇒ Boolean
• #allow_grant_flow_for_client ⇒ Boolean

  Allows to customize OAuth grant flows that each application support.

• #allow_grant_flow_for_client?(grant_flow, client) ⇒ Boolean
• #api_only ⇒ Object
• #application_model ⇒ ActiveRecord::Base, ...

  Doorkeeper Application model class.

• #application_secret_hashed? ⇒ Boolean
• #application_secret_strategy ⇒ Object
• #authorization_response_flows ⇒ Object
• #authorization_response_types ⇒ Object
• #calculate_authorization_response_types ⇒ Object

  [NOTE]: deprecated and will be removed soon.

• #calculate_grant_flows ⇒ Object

  Calculates grant flows configured by the user in Doorkeeper configuration considering registered aliases that is exposed to single or multiple other flows.

• #calculate_token_grant_types ⇒ Object

  [NOTE]: deprecated and will be removed soon.

• #clear_cache! ⇒ Object
• #client_credentials_methods ⇒ Object
• #confirm_application_owner? ⇒ Boolean
• #default_scopes ⇒ Object
• #deprecated_authorization_flows ⇒ Object

  [NOTE]: deprecated and will be removed soon.

• #deprecated_token_grant_types_resolver ⇒ Object

  [NOTE]: deprecated and will be removed soon.

• #enable_application_owner? ⇒ Boolean
• #enabled_grant_flows ⇒ Object
• #enforce_configured_scopes? ⇒ Boolean
• #enforce_content_type ⇒ Object
• #native_authorization_code_route ⇒ Object
• #option_defined?(name) ⇒ Boolean
• #optional_scopes ⇒ Object
• #polymorphic_resource_owner? ⇒ Boolean
• #raise_on_errors? ⇒ Boolean
• #refresh_token_enabled? ⇒ Boolean
• #resolve_controller(name) ⇒ Object
• #revoke_previous_client_credentials_token? ⇒ Boolean
• #scopes ⇒ Object
• #scopes_by_grant_type ⇒ Object
• #token_grant_flows ⇒ Object
• #token_grant_types ⇒ Object
• #token_secret_strategy ⇒ Object

Methods included from Option

extended, option

Methods included from Validations

#validate!

Instance Attribute Details

#application_secret_fallback_strategy ⇒ Object (readonly)

Returns the value of attribute application_secret_fallback_strategy.

# File 'lib/doorkeeper/config.rb', line 415

def application_secret_fallback_strategy
  @application_secret_fallback_strategy
end

#reuse_access_token ⇒ Object (readonly)

Returns the value of attribute reuse_access_token.

# File 'lib/doorkeeper/config.rb', line 415

def reuse_access_token
  @reuse_access_token
end

#token_secret_fallback_strategy ⇒ Object (readonly)

Returns the value of attribute token_secret_fallback_strategy.

# File 'lib/doorkeeper/config.rb', line 415

def token_secret_fallback_strategy
  @token_secret_fallback_strategy
end

Instance Method Details

#access_grant_model ⇒ ActiveRecord::Base, ...

Doorkeeper Access Grant model class.

Returns:

• (ActiveRecord::Base, Mongoid::Document, Sequel::Model)

# File 'lib/doorkeeper/config.rb', line 441

def access_grant_model
  @access_grant_model ||= access_grant_class.constantize
end

#access_token_methods ⇒ Object

# File 'lib/doorkeeper/config.rb', line 536

def access_token_methods
  @access_token_methods ||= %i[
    from_bearer_authorization
    from_access_token_param
    from_bearer_param
  ]
end

#access_token_model ⇒ ActiveRecord::Base, ...

Doorkeeper Access Token model class.

Returns:

• (ActiveRecord::Base, Mongoid::Document, Sequel::Model)

# File 'lib/doorkeeper/config.rb', line 433

def access_token_model
  @access_token_model ||= access_token_class.constantize
end

#allow_blank_redirect_uri?(application = nil) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/config.rb', line 622

def allow_blank_redirect_uri?(application = nil)
  if allow_blank_redirect_uri.respond_to?(:call)
    allow_blank_redirect_uri.call(grant_flows, application)
  else
    allow_blank_redirect_uri
  end
end

#allow_grant_flow_for_client ⇒ Boolean

Allows to customize OAuth grant flows that each application support. You can configure a custom block (or use a class respond to ‘#call`) that must return `true` in case Application instance supports requested OAuth grant flow during the authorization request to the server. This configuration doesn’t set flows per application, it only allows to check if application supports specific grant flow.

For example you can add an additional database column to ‘oauth_applications` table, say `t.array :grant_flows, default: []`, and store allowed grant flows that can be used with this application there. Then when authorization requested Doorkeeper will call this block to check if specific Application (passed with client_id and/or client_secret) is allowed to perform the request for the specific grant type (authorization, password, client_credentials, etc).

Example of the block:

->(flow, client) { client.grant_flows.include?(flow) }

In case this option invocation result is ‘false`, Doorkeeper server returns :unauthorized_client error and stops the request.

Parameters:

• allow_grant_flow_for_client (Proc) —

  Block or any object respond to #call

Returns:

• (Boolean) —

  ‘true` if allow or `false` if forbid the request

# File 'lib/doorkeeper/config.rb', line 285

option :allow_grant_flow_for_client,    default: ->(_grant_flow, _client) { true }

#allow_grant_flow_for_client?(grant_flow, client) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/config.rb', line 630

def allow_grant_flow_for_client?(grant_flow, client)
  return true unless option_defined?(:allow_grant_flow_for_client)

  allow_grant_flow_for_client.call(grant_flow, client)
end

#api_only ⇒ Object

# File 'lib/doorkeeper/config.rb', line 453

def api_only
  @api_only ||= false
end

#application_model ⇒ ActiveRecord::Base, ...

Doorkeeper Application model class.

Returns:

• (ActiveRecord::Base, Mongoid::Document, Sequel::Model)

# File 'lib/doorkeeper/config.rb', line 449

def application_model
  @application_model ||= application_class.constantize
end

#application_secret_hashed? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/config.rb', line 504

def application_secret_hashed?
  instance_variable_defined?(:"@application_secret_strategy")
end

#application_secret_strategy ⇒ Object

# File 'lib/doorkeeper/config.rb', line 512

def application_secret_strategy
  @application_secret_strategy ||= ::Doorkeeper::SecretStoring::Plain
end

#authorization_response_flows ⇒ Object

# File 'lib/doorkeeper/config.rb', line 548

def authorization_response_flows
  @authorization_response_flows ||= enabled_grant_flows.select(&:handles_response_type?) +
                                    deprecated_authorization_flows
end

#authorization_response_types ⇒ Object

# File 'lib/doorkeeper/config.rb', line 557

def authorization_response_types
  authorization_response_flows.map(&:response_type_matches)
end

#calculate_authorization_response_types ⇒ Object

[NOTE]: deprecated and will be removed soon

# File 'lib/doorkeeper/config.rb', line 593

def calculate_authorization_response_types
  []
end

#calculate_grant_flows ⇒ Object

Calculates grant flows configured by the user in Doorkeeper configuration considering registered aliases that is exposed to single or multiple other flows.

# File 'lib/doorkeeper/config.rb', line 608

def calculate_grant_flows
  configured_flows = grant_flows.map(&:to_s)
  aliases = Doorkeeper::GrantFlow.aliases.keys.map(&:to_s)

  flows = configured_flows - aliases
  aliases.each do |flow_alias|
    next unless configured_flows.include?(flow_alias)

    flows.concat(Doorkeeper::GrantFlow.expand_alias(flow_alias))
  end

  flows.flatten.uniq
end

#calculate_token_grant_types ⇒ Object

[NOTE]: deprecated and will be removed soon

# File 'lib/doorkeeper/config.rb', line 598

def calculate_token_grant_types
  types = grant_flows - ["implicit"]
  types << "refresh_token" if refresh_token_enabled?
  types
end

#clear_cache! ⇒ Object

# File 'lib/doorkeeper/config.rb', line 419

def clear_cache!
  %i[
    application_model
    access_token_model
    access_grant_model
  ].each do |var|
    remove_instance_variable("@#{var}") if instance_variable_defined?("@#{var}")
  end
end

#client_credentials_methods ⇒ Object

# File 'lib/doorkeeper/config.rb', line 532

def client_credentials_methods
  @client_credentials_methods ||= %i[from_basic from_params]
end

#confirm_application_owner? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/config.rb', line 496

def confirm_application_owner?
  option_set? :confirm_application_owner
end

#default_scopes ⇒ Object

# File 'lib/doorkeeper/config.rb', line 516

def default_scopes
  @default_scopes ||= OAuth::Scopes.new
end

#deprecated_authorization_flows ⇒ Object

[NOTE]: deprecated and will be removed soon

# File 'lib/doorkeeper/config.rb', line 576

def deprecated_authorization_flows
  response_types = calculate_authorization_response_types

  if response_types.any?
    ::Kernel.warn <<~WARNING
      Please, don't patch Doorkeeper::Config#calculate_authorization_response_types method.
      Register your custom grant flows using the public API:
      `Doorkeeper::GrantFlow.register(grant_flow_name, **options)`.
    WARNING
  end

  response_types.map do |response_type|
    Doorkeeper::GrantFlow::FallbackFlow.new(response_type, response_type_matches: response_type)
  end
end

#deprecated_token_grant_types_resolver ⇒ Object

[NOTE]: deprecated and will be removed soon

# File 'lib/doorkeeper/config.rb', line 566

def deprecated_token_grant_types_resolver
  @deprecated_token_grant_types ||= calculate_token_grant_types
end

#enable_application_owner? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/config.rb', line 488

def enable_application_owner?
  option_set? :enable_application_owner
end

#enabled_grant_flows ⇒ Object

# File 'lib/doorkeeper/config.rb', line 544

def enabled_grant_flows
  @enabled_grant_flows ||= calculate_grant_flows.map { |name| Doorkeeper::GrantFlow.get(name) }.compact
end

#enforce_configured_scopes? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/config.rb', line 484

def enforce_configured_scopes?
  option_set? :enforce_configured_scopes
end

#enforce_content_type ⇒ Object

# File 'lib/doorkeeper/config.rb', line 457

def enforce_content_type
  @enforce_content_type ||= false
end

#native_authorization_code_route ⇒ Object

# File 'lib/doorkeeper/config.rb', line 570

def native_authorization_code_route
  @use_url_path_for_native_authorization = false unless defined?(@use_url_path_for_native_authorization)
  @use_url_path_for_native_authorization ? '/:code' : '/native'
end

#option_defined?(name) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/config.rb', line 636

def option_defined?(name)
  instance_variable_defined?("@#{name}")
end

#optional_scopes ⇒ Object

# File 'lib/doorkeeper/config.rb', line 520

def optional_scopes
  @optional_scopes ||= OAuth::Scopes.new
end

#polymorphic_resource_owner? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/config.rb', line 492

def polymorphic_resource_owner?
  option_set? :polymorphic_resource_owner
end

#raise_on_errors? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/config.rb', line 500

def raise_on_errors?
  handle_auth_errors == :raise
end

#refresh_token_enabled? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/config.rb', line 461

def refresh_token_enabled?
  if defined?(@refresh_token_enabled)
    @refresh_token_enabled
  else
    false
  end
end

#resolve_controller(name) ⇒ Object

# File 'lib/doorkeeper/config.rb', line 469

def resolve_controller(name)
  config_option = public_send(:"#{name}_controller")
  controller_name = if config_option.respond_to?(:call)
                      instance_exec(&config_option)
                    else
                      config_option
                    end

  controller_name.constantize
end

#revoke_previous_client_credentials_token? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/config.rb', line 480

def revoke_previous_client_credentials_token?
  option_set? :revoke_previous_client_credentials_token
end

#scopes ⇒ Object

# File 'lib/doorkeeper/config.rb', line 524

def scopes
  @scopes ||= default_scopes + optional_scopes
end

#scopes_by_grant_type ⇒ Object

# File 'lib/doorkeeper/config.rb', line 528

def scopes_by_grant_type
  @scopes_by_grant_type ||= {}
end

#token_grant_flows ⇒ Object

# File 'lib/doorkeeper/config.rb', line 553

def token_grant_flows
  @token_grant_flows ||= calculate_token_grant_flows
end

#token_grant_types ⇒ Object

# File 'lib/doorkeeper/config.rb', line 561

def token_grant_types
  token_grant_flows.map(&:grant_type_matches)
end

#token_secret_strategy ⇒ Object

# File 'lib/doorkeeper/config.rb', line 508

def token_secret_strategy
  @token_secret_strategy ||= ::Doorkeeper::SecretStoring::Plain
end