Class: Simple::OAuth2::Generators::Token

Inherits:
Base
  • Object
show all
Defined in:
lib/simple_oauth2/generators/token.rb

Overview

Token generator class. Processes the request by required Grant Type and builds the response

Class Method Summary collapse

Methods inherited from Base

allowed_grants, allowed_types, config

Class Method Details

.generate_for(env, &_block) ⇒ Simple::OAuth2::Responses

Generates Token Response based on the request

Returns:


12
13
14
15
16
17
18
19
20
21
22
23
24
# File 'lib/simple_oauth2/generators/token.rb', line 12

def generate_for(env, &_block)
  token = Rack::OAuth2::Server::Token.new do |request, response|
    request.unsupported_grant_type! unless allowed_grants.include?(request.grant_type.to_s)

    if block_given?
      yield(request, response)
    else
      execute_default(request, response)
    end
  end

  Simple::OAuth2::Responses.new(token.call(env))
end

.revoke(token, env) ⇒ Response

OAuth 2.0 Token Revocation - tools.ietf.org/html/rfc7009

Returns:

  • (Response)

    with HTTP status code 200


30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# File 'lib/simple_oauth2/generators/token.rb', line 30

def revoke(token, env)
  access_token = config.access_token_class.authenticate(token, 'refresh_token')

  if access_token
    request = Rack::OAuth2::Server::Token::Request.new(env)

    # The authorization server, if applicable, first authenticates the client
    # and checks its ownership of the provided token.
    client = Simple::OAuth2::Strategies::Base.authenticate_client(request) || request.invalid_client!
    client.id == access_token.client.id && access_token.revoke!
  end  # The authorization server responds with HTTP status code 200 if the token
  # has been revoked successfully or if the client submitted an invalid token

  [200, {}, []]
end