Class: Platform::OauthController
#auth_failed ⇒ Object
# File 'app/controllers/platform/oauth_controller.rb', line 85
# Renders the "authorization failed" page on its own, without wrapping it in
# the application layout (the page is shown inside the OAuth popup/redirect).
def auth_failed
  render_options = { :layout => false }
  render render_options
end
#auth_success ⇒ Object
# File 'app/controllers/platform/oauth_controller.rb', line 81
# Renders the "authorization succeeded" page on its own, without the
# application layout, mirroring auth_failed.
def auth_success
  render_options = { :layout => false }
  render render_options
end
#authorize ⇒ Object
# File 'app/controllers/platform/oauth_controller.rb', line 32
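# OAuth 2.0 authorization endpoint.
#
# The request is validated step by step and the first failure is answered
# with an OAuth error via redirect_with_response:
#   1. client_id must be present and resolve to a known client application;
#   2. the OAuth parameters are stored (platform_store_oauth_redirect_params)
#      and a guest user is sent to the login page, so the flow can resume
#      after authentication;
#   3. redirect_uri must be present when redirect_url_required? says so,
#      response_type must be "code" or "token", and redirect_uri must pass
#      redirect_url_valid?.
# Only after every check passes is the request dispatched to the
# oauth2_authorize_<response_type> handler.
#
# @return [Object] the redirect, or the result of the dispatched handler
def authorize
  if request_param(:client_id).blank?
    return redirect_with_response(:error_description => "client_id must be provided", :error => :invalid_request)
  end
  unless client_application
    return redirect_with_response(:error_description => "invalid client application id", :error => :unauthorized_client)
  end
  platform_store_oauth_redirect_params
  if platform_current_user_is_guest?
    return redirect_to(platform_login_url)
  end
  # `&&` instead of `and`: identical truth table in this position, but `and`
  # binds looser than assignment and is easy to misread if the condition grows.
  if redirect_url_required? && redirect_url.blank?
    return redirect_with_response(:error_description => "redirect_uri must be provided as a parameter or in the application callback_url property", :error => :invalid_request)
  end
  # This whitelist is what makes the dynamic dispatch at the bottom safe:
  # response_type is a request value and must never reach `send` unchecked.
  unless %w[code token].include?(response_type)
    return redirect_with_response(:error_description => "only code and token response types are currently supported", :error => :unsupported_response_type)
  end
  unless redirect_url_valid?(redirect_url)
    return redirect_with_response(:error_description => "redirect_uri cannot point to a different server than from the one it sent a request", :error => :invalid_request)
  end
  send("oauth2_authorize_#{response_type}")
end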
#deauthorize ⇒ Object
# File 'app/controllers/platform/oauth_controller.rb', line 105
# Revokes the current user's authorization of the requesting client
# application. Nothing is revoked for a guest user or when no client
# application can be resolved; the response is "OK" in every case.
def deauthorize
  if !Platform::Config.current_user_is_guest? && client_application
    client_application.deauthorize_user
  end
  render_response(:result => "OK")
end
#invalidate_token ⇒ Object
# File 'app/controllers/platform/oauth_controller.rb', line 99
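# Invalidates the OAuth token named by the access_token request parameter.
#
# The answer is "OK" whether or not a matching token existed, so the
# endpoint does not reveal which token values are live. A blank parameter
# is skipped before the lookup: handing it to find_by_token would otherwise
# search for a row whose token column is NULL instead of matching nothing.
def invalidate_token
  access_token = request_param(:access_token)
  unless access_token.blank?
    token = Platform::Oauth::OauthToken.find_by_token(access_token)
    token.invalidate! if token
  end
  render_response(:result => "OK")
end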
#request_token ⇒ Object
Also known as:
token
# File 'app/controllers/platform/oauth_controller.rb', line 64
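# OAuth 2.0 token endpoint (also reachable as #token).
#
# Validates client_id / client_application and the grant_type, answering
# with an OAuth error via render_response on the first failure, then
# dispatches to the oauth2_request_token_<grant_type> handler. The
# grant_type whitelist is what keeps the dynamic `send` safe: an arbitrary
# request value never reaches it.
#
# The unsupported_grant_type message now lists client_credentials too; it
# previously omitted it even though the grant is accepted.
#
# @return [Object] the rendered error, or the result of the dispatched handler
def request_token
  if request_param(:client_id).blank?
    return render_response(:error_description => "client_id must be provided", :error => :invalid_request)
  end
  unless client_application
    return render_response(:error_description => "invalid client application id", :error => :unauthorized_client)
  end
  unless %w[authorization_code password refresh_token client_credentials].include?(grant_type)
    return render_response(:error_description => "only authorization_code, password, refresh_token and client_credentials grant types are currently supported", :error => :unsupported_grant_type)
  end
  send("oauth2_request_token_#{grant_type}")
end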
#validate_token ⇒ Object
# File 'app/controllers/platform/oauth_controller.rb', line 89
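# Reports whether the access_token request parameter names a token that
# exists and is still authorized.
#
# A blank parameter is treated as an invalid token without touching the
# database: passing it to find_by_token would search for a row whose token
# column is NULL rather than failing the lookup.
#
# @return [Object] render_response with :result => "OK", or an
#   :invalid_token error
def validate_token
  access_token = request_param(:access_token)
  token = access_token.blank? ? nil : Platform::Oauth::OauthToken.find_by_token(access_token)
  if token && token.authorized?
    render_response(:result => "OK")
  else
    render_response(:error => :invalid_token, :error_description => "invalid token")
  end
end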
# File 'app/controllers/platform/oauth_controller.rb', line 130
# Renders the cross-domain (xd) receiver page without the application layout.
def xd
  render_options = { :layout => false }
  render render_options
end
#xd? ⇒ Boolean
# File 'app/controllers/platform/oauth_controller.rb', line 126
# @return [Boolean] true when the requested display mode is one of the
#   cross-domain modes, "popup" or "hidden"; false for anything else
def xd?
  case display
  when 'popup', 'hidden' then true
  else false
  end
end
#xd_status ⇒ Object
# File 'app/controllers/platform/oauth_controller.rb', line 135
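# Cross-domain status check: tells the calling page whether the current user
# has already authorized the client application and, if so, issues a fresh
# access/refresh token pair for it.
#
# The origin parameter is the only thing tying the caller to the client
# application, so it is checked strictly before any token is minted: it must
# parse as a URI, carry a host, and that host must equal the application's
# site_domain. A malformed origin used to raise URI::InvalidURIError out of
# the action; it now gets the same "invalid origin" answer as a mismatch.
#
# NOTE(review): only the host is compared, not the scheme or port, so
# origins on the same host but a different scheme are treated alike here.
#
# @return [Object] redirect_with_response carrying :status "unknown",
#   "authorized" (with tokens and expires_in) or "unauthorized"
def xd_status
  if params[:origin].blank?
    return redirect_with_response(:status => "unknown", :error => :invalid_request, :error_description => "origin must be specified")
  end
  unless client_application
    return redirect_with_response(:status => "unknown", :error => :invalid_request, :error_description => "client_id must be specified")
  end
  origin_host = begin
    URI.parse(params[:origin]).host
  rescue URI::InvalidURIError
    nil
  end
  # The explicit presence check matters: an origin with no host yields nil,
  # and nil would compare equal to a site_domain that was never configured.
  if origin_host.blank? || origin_host != client_application.site_domain
    return redirect_with_response(:status => "unknown", :error => :invalid_request, :error_description => "Anauthorized access - invalid origin.")
  end
  if Platform::Config.current_user_is_guest?
    return redirect_with_response(:status => "unknown")
  end
  if client_application.authorized_user?
    access_token = client_application.create_access_token(:user => Platform.current_user, :scope => scope)
    refresh_token = client_application.create_refresh_token(:user => Platform.current_user, :scope => scope)
    # expires_in is the remaining lifetime in seconds, computed from the
    # token's valid_to against the current wall clock.
    expires_in = access_token.valid_to.to_i - Time.now.to_i
    return redirect_with_response(:status => "authorized", :access_token => access_token.token, :refresh_token => refresh_token.token, :expires_in => expires_in)
  end
  redirect_with_response(:status => "unauthorized")
end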