Class: OAuth2::AuthRequest

Inherits:

Object

• Object
• OAuth2::AuthRequest

Defined in:

lib/oauth20/auth_request.rb

Overview

Class to represent incoming authorization request.

Instance Attribute Summary

• #client ⇒ Object readonly

  Returns the value of attribute client.

• #client_id ⇒ Object readonly

  Returns the value of attribute client_id.

• #redirect_uri ⇒ Object readonly

  Returns the value of attribute redirect_uri.

• #response_type ⇒ Object readonly

  Returns the value of attribute response_type.

• #scope ⇒ Object readonly

  Returns the value of attribute scope.

• #state ⇒ Object readonly

  Returns the value of attribute state.

• #user ⇒ Object

  Returns the value of attribute user.

Instance Method Summary

• #initialize(client_key, response_type, options = {}) ⇒ AuthRequest constructor

  Initialize OAuth flow request with given attributes.

• #response ⇒ AuthResponse

  Get the response object.

• #validate! ⇒ Object

  Validate if the request parameters match to the protocol specification.

Constructor Details

#initialize(client_key, response_type, options = {}) ⇒ AuthRequest

Initialize OAuth flow request with given attributes.

Parameters:

• Unique (String) —

  client identifier.

• Type (String) —

  of the response expected.

• Additional (Hash) —

  hash of commands (recirect_uri, scope, state).

# File 'lib/oauth20/auth_request.rb', line 15

def initialize(client_key, response_type, options = {})
  @client_id = client_key
  @response_type = response_type
  @redirect_uri = options[:redirect_uri] || nil
  @scope = options[:scope] || nil
  @state = options[:state] || nil
  
  validate!
end

Instance Attribute Details

#client ⇒ Object (readonly)

Returns the value of attribute client.

# File 'lib/oauth20/auth_request.rb', line 6

def client
  @client
end

#client_id ⇒ Object (readonly)

Returns the value of attribute client_id.

# File 'lib/oauth20/auth_request.rb', line 6

def client_id
  @client_id
end

#redirect_uri ⇒ Object (readonly)

Returns the value of attribute redirect_uri.

# File 'lib/oauth20/auth_request.rb', line 6

def redirect_uri
  @redirect_uri
end

#response_type ⇒ Object (readonly)

Returns the value of attribute response_type.

# File 'lib/oauth20/auth_request.rb', line 6

def response_type
  @response_type
end

#scope ⇒ Object (readonly)

Returns the value of attribute scope.

# File 'lib/oauth20/auth_request.rb', line 6

def scope
  @scope
end

#state ⇒ Object (readonly)

Returns the value of attribute state.

# File 'lib/oauth20/auth_request.rb', line 6

def state
  @state
end

#user ⇒ Object

Returns the value of attribute user.

# File 'lib/oauth20/auth_request.rb', line 6

def user
  @user
end

Instance Method Details

#response ⇒ AuthResponse

Get the response object. Its gonna raise error unless user was stored to the request. That should happen after user had used valid credentials to login to authorization server.

Returns:

• (AuthResponse) —

  AuthResponse object with all necessary attributes.

Raises:

• (AuthError)

# File 'lib/oauth20/auth_request.rb', line 32

def response
  raise AuthError.new(OAuth2::ERROR_ACCESS_DENIED) unless @user
  
  AuthResponse.new(self)
end

#validate! ⇒ Object

Validate if the request parameters match to the protocol specification.

Raises:

• (AuthError)

# File 'lib/oauth20/auth_request.rb', line 42

def validate!
  unless @response_type && @client_id
    raise AuthError.new(OAuth2::ERROR_INVALID_REQUEST)
  end
  
  @client = Client.find_by_key(@client_id)
  raise AuthError.new(OAuth2::ERROR_INVALID_CLIENT) unless @client
  
  #if @redirect_uri && @client.redirect_uri
  #  raise AuthError.new(OAuth2::ERROR_INVALID_REQUEST) unless @redirect_uri == @client.redirect_uri
  #end
  
  @redirect_uri = @client.redirect_uri unless @redirect_uri && @client.redirect_uri
  
  
  unless @response_type == 'code'
    raise AuthError.new(OAuth2::ERROR_UNSUPPORTED_RESPONSE_TYPE)
  end
end