Class: Doorkeeper::Config
- Inherits:
-
Object
- Object
- Doorkeeper::Config
show all
- Extended by:
- Option
- Includes:
- Validations
- Defined in:
- lib/doorkeeper/config.rb,
lib/doorkeeper/config/option.rb,
lib/doorkeeper/config/validations.rb,
lib/doorkeeper/config/abstract_builder.rb
Overview
Doorkeeper option DSL could be reused in extensions to build their own configurations. To use the Option DSL gems need to define ‘builder_class` method that returns configuration Builder class. This exception raises when they don’t define it.
Defined Under Namespace
Modules: Option, Validations
Classes: AbstractBuilder, Builder
Instance Attribute Summary collapse
Instance Method Summary
collapse
Methods included from Option
extended, option
#validate!
Instance Attribute Details
#application_secret_fallback_strategy ⇒ Object
Returns the value of attribute application_secret_fallback_strategy.
415
416
417
|
# File 'lib/doorkeeper/config.rb', line 415
def application_secret_fallback_strategy
@application_secret_fallback_strategy
end
|
#reuse_access_token ⇒ Object
Returns the value of attribute reuse_access_token.
415
416
417
|
# File 'lib/doorkeeper/config.rb', line 415
def reuse_access_token
@reuse_access_token
end
|
#token_secret_fallback_strategy ⇒ Object
Returns the value of attribute token_secret_fallback_strategy.
415
416
417
|
# File 'lib/doorkeeper/config.rb', line 415
def token_secret_fallback_strategy
@token_secret_fallback_strategy
end
|
Instance Method Details
#access_grant_model ⇒ ActiveRecord::Base, ...
Doorkeeper Access Grant model class.
441
442
443
|
# File 'lib/doorkeeper/config.rb', line 441
def access_grant_model
@access_grant_model ||= access_grant_class.constantize
end
|
#access_token_methods ⇒ Object
536
537
538
539
540
541
542
|
# File 'lib/doorkeeper/config.rb', line 536
def access_token_methods
@access_token_methods ||= %i[
from_bearer_authorization
from_access_token_param
from_bearer_param
]
end
|
#access_token_model ⇒ ActiveRecord::Base, ...
Doorkeeper Access Token model class.
433
434
435
|
# File 'lib/doorkeeper/config.rb', line 433
def access_token_model
@access_token_model ||= access_token_class.constantize
end
|
#allow_blank_redirect_uri?(application = nil) ⇒ Boolean
622
623
624
625
626
627
628
|
# File 'lib/doorkeeper/config.rb', line 622
def allow_blank_redirect_uri?(application = nil)
if allow_blank_redirect_uri.respond_to?(:call)
allow_blank_redirect_uri.call(grant_flows, application)
else
allow_blank_redirect_uri
end
end
|
#allow_grant_flow_for_client ⇒ Boolean
Allows to customize OAuth grant flows that each
application support. You can configure a custom block (or use a class respond to ‘#call`) that must return `true` in case Application instance supports requested OAuth grant flow during the authorization request to the server. This configuration doesn’t set flows per application, it only allows to check if application supports specific grant flow.
For example you can add an additional database column to ‘oauth_applications` table, say `t.array :grant_flows, default: []`, and store allowed grant flows that can be used with this application there. Then when authorization requested Doorkeeper will call this block to check if specific Application (passed with client_id and/or client_secret) is allowed to perform the request for the specific grant type (authorization, password, client_credentials, etc).
Example of the block:
->(flow, client) { client.grant_flows.include?(flow) }
In case this option invocation result is ‘false`, Doorkeeper server returns :unauthorized_client error and stops the request.
285
|
# File 'lib/doorkeeper/config.rb', line 285
option :allow_grant_flow_for_client, default: ->(_grant_flow, _client) { true }
|
#allow_grant_flow_for_client?(grant_flow, client) ⇒ Boolean
630
631
632
633
634
|
# File 'lib/doorkeeper/config.rb', line 630
def allow_grant_flow_for_client?(grant_flow, client)
return true unless option_defined?(:allow_grant_flow_for_client)
allow_grant_flow_for_client.call(grant_flow, client)
end
|
#api_only ⇒ Object
453
454
455
|
# File 'lib/doorkeeper/config.rb', line 453
def api_only
@api_only ||= false
end
|
#application_model ⇒ ActiveRecord::Base, ...
Doorkeeper Application model class.
449
450
451
|
# File 'lib/doorkeeper/config.rb', line 449
def application_model
@application_model ||= application_class.constantize
end
|
#application_secret_hashed? ⇒ Boolean
504
505
506
|
# File 'lib/doorkeeper/config.rb', line 504
def application_secret_hashed?
instance_variable_defined?(:"@application_secret_strategy")
end
|
#application_secret_strategy ⇒ Object
512
513
514
|
# File 'lib/doorkeeper/config.rb', line 512
def application_secret_strategy
@application_secret_strategy ||= ::Doorkeeper::SecretStoring::Plain
end
|
#authorization_response_flows ⇒ Object
548
549
550
551
|
# File 'lib/doorkeeper/config.rb', line 548
def authorization_response_flows
@authorization_response_flows ||= enabled_grant_flows.select(&:handles_response_type?) +
deprecated_authorization_flows
end
|
#authorization_response_types ⇒ Object
557
558
559
|
# File 'lib/doorkeeper/config.rb', line 557
def authorization_response_types
authorization_response_flows.map(&:response_type_matches)
end
|
#calculate_authorization_response_types ⇒ Object
[NOTE]: deprecated and will be removed soon
593
594
595
|
# File 'lib/doorkeeper/config.rb', line 593
def calculate_authorization_response_types
[]
end
|
#calculate_grant_flows ⇒ Object
Calculates grant flows configured by the user in Doorkeeper configuration considering registered aliases that is exposed to single or multiple other flows.
608
609
610
611
612
613
614
615
616
617
618
619
620
|
# File 'lib/doorkeeper/config.rb', line 608
def calculate_grant_flows
configured_flows = grant_flows.map(&:to_s)
aliases = Doorkeeper::GrantFlow.aliases.keys.map(&:to_s)
flows = configured_flows - aliases
aliases.each do |flow_alias|
next unless configured_flows.include?(flow_alias)
flows.concat(Doorkeeper::GrantFlow.expand_alias(flow_alias))
end
flows.flatten.uniq
end
|
#calculate_token_grant_types ⇒ Object
[NOTE]: deprecated and will be removed soon
598
599
600
601
602
|
# File 'lib/doorkeeper/config.rb', line 598
def calculate_token_grant_types
types = grant_flows - ["implicit"]
types << "refresh_token" if refresh_token_enabled?
types
end
|
#clear_cache! ⇒ Object
419
420
421
422
423
424
425
426
427
|
# File 'lib/doorkeeper/config.rb', line 419
def clear_cache!
%i[
application_model
access_token_model
access_grant_model
].each do |var|
remove_instance_variable("@#{var}") if instance_variable_defined?("@#{var}")
end
end
|
#client_credentials_methods ⇒ Object
532
533
534
|
# File 'lib/doorkeeper/config.rb', line 532
def client_credentials_methods
@client_credentials_methods ||= %i[from_basic from_params]
end
|
#confirm_application_owner? ⇒ Boolean
496
497
498
|
# File 'lib/doorkeeper/config.rb', line 496
def confirm_application_owner?
option_set? :confirm_application_owner
end
|
#default_scopes ⇒ Object
516
517
518
|
# File 'lib/doorkeeper/config.rb', line 516
def default_scopes
@default_scopes ||= OAuth::Scopes.new
end
|
#deprecated_authorization_flows ⇒ Object
[NOTE]: deprecated and will be removed soon
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
|
# File 'lib/doorkeeper/config.rb', line 576
def deprecated_authorization_flows
response_types = calculate_authorization_response_types
if response_types.any?
::Kernel.warn <<~WARNING
Please, don't patch Doorkeeper::Config#calculate_authorization_response_types method.
Register your custom grant flows using the public API:
`Doorkeeper::GrantFlow.register(grant_flow_name, **options)`.
WARNING
end
response_types.map do |response_type|
Doorkeeper::GrantFlow::FallbackFlow.new(response_type, response_type_matches: response_type)
end
end
|
#deprecated_token_grant_types_resolver ⇒ Object
[NOTE]: deprecated and will be removed soon
566
567
568
|
# File 'lib/doorkeeper/config.rb', line 566
def deprecated_token_grant_types_resolver
@deprecated_token_grant_types ||= calculate_token_grant_types
end
|
#enable_application_owner? ⇒ Boolean
488
489
490
|
# File 'lib/doorkeeper/config.rb', line 488
def enable_application_owner?
option_set? :enable_application_owner
end
|
#enabled_grant_flows ⇒ Object
544
545
546
|
# File 'lib/doorkeeper/config.rb', line 544
def enabled_grant_flows
@enabled_grant_flows ||= calculate_grant_flows.map { |name| Doorkeeper::GrantFlow.get(name) }.compact
end
|
484
485
486
|
# File 'lib/doorkeeper/config.rb', line 484
def enforce_configured_scopes?
option_set? :enforce_configured_scopes
end
|
#enforce_content_type ⇒ Object
457
458
459
|
# File 'lib/doorkeeper/config.rb', line 457
def enforce_content_type
@enforce_content_type ||= false
end
|
#native_authorization_code_route ⇒ Object
570
571
572
573
|
# File 'lib/doorkeeper/config.rb', line 570
def native_authorization_code_route
@use_url_path_for_native_authorization = false unless defined?(@use_url_path_for_native_authorization)
@use_url_path_for_native_authorization ? '/:code' : '/native'
end
|
#option_defined?(name) ⇒ Boolean
636
637
638
|
# File 'lib/doorkeeper/config.rb', line 636
def option_defined?(name)
instance_variable_defined?("@#{name}")
end
|
#optional_scopes ⇒ Object
520
521
522
|
# File 'lib/doorkeeper/config.rb', line 520
def optional_scopes
@optional_scopes ||= OAuth::Scopes.new
end
|
#polymorphic_resource_owner? ⇒ Boolean
492
493
494
|
# File 'lib/doorkeeper/config.rb', line 492
def polymorphic_resource_owner?
option_set? :polymorphic_resource_owner
end
|
#raise_on_errors? ⇒ Boolean
500
501
502
|
# File 'lib/doorkeeper/config.rb', line 500
def raise_on_errors?
handle_auth_errors == :raise
end
|
#refresh_token_enabled? ⇒ Boolean
461
462
463
464
465
466
467
|
# File 'lib/doorkeeper/config.rb', line 461
def refresh_token_enabled?
if defined?(@refresh_token_enabled)
@refresh_token_enabled
else
false
end
end
|
#resolve_controller(name) ⇒ Object
469
470
471
472
473
474
475
476
477
478
|
# File 'lib/doorkeeper/config.rb', line 469
def resolve_controller(name)
config_option = public_send(:"#{name}_controller")
controller_name = if config_option.respond_to?(:call)
instance_exec(&config_option)
else
config_option
end
controller_name.constantize
end
|
#revoke_previous_client_credentials_token? ⇒ Boolean
480
481
482
|
# File 'lib/doorkeeper/config.rb', line 480
def revoke_previous_client_credentials_token?
option_set? :revoke_previous_client_credentials_token
end
|
#scopes ⇒ Object
524
525
526
|
# File 'lib/doorkeeper/config.rb', line 524
def scopes
@scopes ||= default_scopes + optional_scopes
end
|
#scopes_by_grant_type ⇒ Object
528
529
530
|
# File 'lib/doorkeeper/config.rb', line 528
def scopes_by_grant_type
@scopes_by_grant_type ||= {}
end
|
#token_grant_flows ⇒ Object
553
554
555
|
# File 'lib/doorkeeper/config.rb', line 553
def token_grant_flows
@token_grant_flows ||= calculate_token_grant_flows
end
|
#token_grant_types ⇒ Object
561
562
563
|
# File 'lib/doorkeeper/config.rb', line 561
def token_grant_types
token_grant_flows.map(&:grant_type_matches)
end
|
#token_secret_strategy ⇒ Object
508
509
510
|
# File 'lib/doorkeeper/config.rb', line 508
def token_secret_strategy
@token_secret_strategy ||= ::Doorkeeper::SecretStoring::Plain
end
|