Class: OAuth2::Provider::Rack::ResourceRequest

Inherits:

Rack::Request

• Object
• Rack::Request
• OAuth2::Provider::Rack::ResourceRequest

Includes:

Responses

Defined in:

lib/oauth2/provider/rack/resource_request.rb

Instance Method Summary

• #authenticate_request!(options, &block) ⇒ Object
• #authenticated? ⇒ Boolean
• #authorization ⇒ Object
• #authorization_header ⇒ Object
• #block_invalid_request ⇒ Object
• #block_invalid_token ⇒ Object
• #has_token? ⇒ Boolean
• #resource_owner ⇒ Object
• #token ⇒ Object
• #token_from_header ⇒ Object
• #token_from_param ⇒ Object
• #validate_token! ⇒ Object

Methods included from Responses

#authentication_required!, #insufficient_scope!, #invalid_request!, json_error, only_supported, redirect_with_code, redirect_with_error, unauthorized

Instance Method Details

#authenticate_request!(options, &block) ⇒ Object

# File 'lib/oauth2/provider/rack/resource_request.rb', line 31

def authenticate_request!(options, &block)
  if authenticated?
    if options[:scope].nil? || has_scope?(options[:scope])
      yield
    else
      insufficient_scope!
    end
  else
    authentication_required!
  end
end

#authenticated? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/oauth2/provider/rack/resource_request.rb', line 48

def authenticated?
  authorization.present?
end

#authorization ⇒ Object

# File 'lib/oauth2/provider/rack/resource_request.rb', line 43

def authorization
  validate_token!
  @authorization
end

#authorization_header ⇒ Object

# File 'lib/oauth2/provider/rack/resource_request.rb', line 27

def authorization_header
  @authorization_header ||= Rack::Auth::AbstractRequest.new(env)
end

#block_invalid_request ⇒ Object

# File 'lib/oauth2/provider/rack/resource_request.rb', line 64

def block_invalid_request
  if token_from_param && token_from_header && (token_from_param != token_from_header)
    invalid_request! 'both authorization header and oauth_token provided, with conflicting tokens'
  end
end

#block_invalid_token ⇒ Object

# File 'lib/oauth2/provider/rack/resource_request.rb', line 70

def block_invalid_token
  access_token = OAuth2::Provider.access_token_class.find_by_access_token(token)
  @authorization = access_token.authorization if access_token
  authentication_required! 'invalid_token' if access_token.nil? || access_token.expired?
end

#has_token? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/oauth2/provider/rack/resource_request.rb', line 13

def has_token?
  !token.nil?
end

#resource_owner ⇒ Object

# File 'lib/oauth2/provider/rack/resource_request.rb', line 52

def resource_owner
  authorization && authorization.resource_owner
end

#token ⇒ Object

# File 'lib/oauth2/provider/rack/resource_request.rb', line 9

def token
  token_from_param || token_from_header
end

#token_from_header ⇒ Object

# File 'lib/oauth2/provider/rack/resource_request.rb', line 21

def token_from_header
  if authorization_header.provided?
    authorization_header.params
  end
end

#token_from_param ⇒ Object

# File 'lib/oauth2/provider/rack/resource_request.rb', line 17

def token_from_param
  params["oauth_token"]
end

#validate_token! ⇒ Object

# File 'lib/oauth2/provider/rack/resource_request.rb', line 56

def validate_token!
  if has_token? && @token_validated.nil?
    @token_validated = true
    block_invalid_request
    block_invalid_token
  end
end