Class: Oauth2Provider::TokenController

Inherits:
ApplicationController
Includes:
ActionView::Helpers::DateHelper
Defined in:
app/controllers/oauth2_provider/token_controller.rb

Instance Method Summary

Methods inherited from ApplicationController

#_oauth_provider_admin?

Methods included from ControllerMixin

#_oauth_provider_authenticate, #_oauth_provider_json_body, #_oauth_provider_normalize_token, #api_request, #json?, #oauth_authorized, #session_auth

Instance Method Details

#create ⇒ Object



# File 'app/controllers/oauth2_provider/token_controller.rb', line 27

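# Token endpoint action: issues an access token for the grant type named in
# the parsed request body and renders it with the shared token template.
#
# Reads @body, @client, @authorization, @resource_owner and @expired_token.
# None of them is assigned here, so they are presumably populated by before
# filters defined elsewhere in the controller.
# NOTE(review): confirm those filters authenticate the client and validate
# the authorization code, the owner's password or the refresh token before
# this action runs; nothing in this method checks them.
# NOTE(review): the results of the `create` calls are used without checking
# that the records were persisted; confirm a failed save cannot hand out an
# unsaved token.
#
# Any grant_type other than the three handled below is answered with HTTP 400
# and the RFC 6749 section 5.2 error code, so an unknown grant fails closed
# instead of falling through to the framework's implicit rendering.
def create
  case @body[:grant_type]
  when "authorization_code"
    # section 4.1.3 - authorization code flow
    # Scope and resource owner are copied from the stored authorization, not
    # from the request.
    @token = Oauth2Provider::OauthToken.create(
      client_uri: @client.uri,
      resource_owner_uri: @authorization.resource_owner_uri,
      scope: @authorization.scope
    )
    @refresh_token = Oauth2Provider::OauthRefreshToken.create(access_token: @token.token)
    render "/shared/token"
  when "password"
    # section 4.3.1 (password credentials flow)
    # NOTE(review): scope is taken from the request body here; confirm a
    # filter restricts it to what this client may request.
    @token = Oauth2Provider::OauthToken.create(
      client_uri: @client.uri,
      resource_owner_uri: user_url(@resource_owner),
      scope: @body[:scope]
    )
    @refresh_token = Oauth2Provider::OauthRefreshToken.create(access_token: @token.token)
    render "/shared/token"
  when "refresh_token"
    # section 6.0 (refresh token)
    # The new access token inherits client, owner and scope from the token it
    # replaces. @refresh_token is not assigned in this branch.
    # NOTE(review): confirm the shared template tolerates a nil @refresh_token.
    @token = Oauth2Provider::OauthToken.create(
      client_uri: @expired_token.client_uri,
      resource_owner_uri: @expired_token.resource_owner_uri,
      scope: @expired_token.scope
    )
    render "/shared/token"
  else
    # Filters not visible here may already reject this case; the explicit
    # branch keeps the action safe even if they do not.
    render json: { error: "unsupported_grant_type" }, status: :bad_request
  end
end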

#destroy ⇒ Object

Simulates a logout by blocking the token. TODO: refactoring



# File 'app/controllers/oauth2_provider/token_controller.rb', line 51

# Blocks the access token whose value is passed as params[:id], which the
# page describes as simulating a logout.
#
# Responds with 200 once the token has been blocked and with 404 when no
# token with that value exists.
#
# NOTE(review): the lookup is by token value only; no check that the caller
# owns the token is visible here. Confirm a filter authenticates the request
# before any caller can block a token it knows.
# NOTE(review): if :id is a URL path segment, the token value can end up in
# access logs and intermediaries; verify the route and the log filtering.
def destroy
  matching = Oauth2Provider::OauthToken.where(token: params[:id]).first
  return head 404 unless matching

  matching.block!
  head 200
end