Class: Opro::Oauth::TokenController
- Inherits: OproController
- Inheritance chain: Object > ApplicationController > OproController > Opro::Oauth::TokenController
- Defined in:
- app/controllers/opro/oauth/token_controller.rb
Overview
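This controller is the token endpoint, where clients exchange codes and refresh_tokens for access_tokens. As the #create listing below shows, each request is first authenticated with client_id and client_secret, and a password exchange is also accepted when Opro.password_exchange_enabled? is true.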
Instance Method Summary
Instance Method Details
#create ⇒ Object
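# File 'app/controllers/opro/oauth/token_controller.rb', line 9
#
# Token endpoint: authenticates the client application, then exchanges an
# authorization code, a refresh token, or (when password exchange is enabled)
# user credentials for an access token.
#
# Request params read here: :client_id, :client_secret, :code, :refresh_token,
# :password, :grant_type.
#
# Renders JSON with :access_token, :refresh_token and :expires_in on success,
# or a JSON :error with HTTP 401 when the client or the grant is not accepted.
def create
  # Token responses carry bearer credentials and must not be stored by
  # browsers or intermediaries (RFC 6749, section 5.1). Set before any render
  # so the 401 responses are covered as well.
  response.headers['Cache-Control'] = 'no-store'
  response.headers['Pragma']        = 'no-cache'

  # Find the client application
  application = Opro::Oauth::ClientApp.authenticate(params[:client_id], params[:client_secret])

  if application.nil?
    render :json => {:error => app_not_found_error(params)}, :status => :unauthorized and return
  end

  # Every grant lookup is passed application.id together with the credential.
  if params[:code]
    auth_grant = Opro::Oauth::AuthGrant.auth_with_code!(params[:code], application.id)
  elsif params[:refresh_token]
    auth_grant = Opro::Oauth::AuthGrant.find_for_refresh(params[:refresh_token], application.id)
  elsif params[:password].present? || params[:grant_type] == "password" || params[:grant_type] == "bearer"
    # The user lookup only runs when password exchange is enabled and
    # oauth_valid_password_auth? accepts this client; otherwise user stays nil
    # and no grant is issued.
    password_exchange_ok = Opro.password_exchange_enabled? &&
                           oauth_valid_password_auth?(params[:client_id], params[:client_secret])
    user       = ::Opro.find_user_for_all_auths!(self, params) if password_exchange_ok
    auth_grant = Opro::Oauth::AuthGrant.auth_with_user!(user, application.id) if user.present?
  end

  if auth_grant.blank?
    # NOTE(review): debug_error_msg is handed the full params, which include
    # client_secret and any password; confirm the message does not echo them.
    render :json => {:error => debug_error_msg(params) }, :status => :unauthorized and return
  end

  # refresh! runs before the token values are read back for the response.
  auth_grant.refresh!
  render :json => { :access_token  => auth_grant.access_token,
                    :refresh_token => auth_grant.refresh_token,
                    :expires_in    => auth_grant.expires_in }
end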