Class: Simple::OAuth2::Generators::Token
Defined in: lib/simple_oauth2/generators/token.rb
Overview
Token generator class. Processes the request according to the requested grant type and builds the response.
Class Method Summary
- .generate_for(env, &_block) ⇒ Simple::OAuth2::Responses
  Generates Token Response based on the request.
- .revoke(token, env) ⇒ Response
  OAuth 2.0 Token Revocation - tools.ietf.org/html/rfc7009.
Methods inherited from Base
allowed_grants, allowed_types, config
Class Method Details
.generate_for(env, &_block) ⇒ Simple::OAuth2::Responses
Generates Token Response based on the request.

    # File 'lib/simple_oauth2/generators/token.rb', line 12
    def generate_for(env, &_block)
      token = Rack::OAuth2::Server::Token.new do |request, response|
        request.unsupported_grant_type! unless allowed_grants.include?(request.grant_type.to_s)

        if block_given?
          yield(request, response)
        else
          execute_default(request, response)
        end
      end

      Simple::OAuth2::Responses.new(token.call(env))
    end
.revoke(token, env) ⇒ Response
OAuth 2.0 Token Revocation - tools.ietf.org/html/rfc7009

    # File 'lib/simple_oauth2/generators/token.rb', line 30
    def revoke(token, env)
      access_token = config.access_token_class.by_refresh_token(token)

      if access_token
        request = Rack::OAuth2::Server::Token::Request.new(env)
        # The authorization server, if applicable, first authenticates the client
        # and checks its ownership of the provided token.
        client = Simple::OAuth2::Strategies::Base.authenticate_client(request) || request.invalid_client!
        client.id == access_token.client.id && access_token.revoke!
      end

      # The authorization server responds with HTTP status code 200 if the token
      # has been revoked successfully or if the client submitted an invalid token
      [200, {}, []]
    end
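The control flow of .revoke (lookup by refresh token, client authentication, ownership check, uniform 200), modelled as an added example with in-memory stand-ins; this is not the gem's code. Client, StoredToken, InvalidClient, revoke_refresh_token and revocation_outcomes are hypothetical names, and authenticated_client stands in for the result of authenticate_client.

```ruby
# Added illustration: in-memory stand-ins, not simple_oauth2 or rack-oauth2 classes.
Client = Struct.new(:id)
InvalidClient = Class.new(StandardError)

class StoredToken
  attr_reader :client

  def initialize(client)
    @client = client
    @revoked = false
  end

  def revoke!
    @revoked = true
  end

  def revoked?
    @revoked
  end
end

# Hypothetical helper mirroring the control flow of .revoke.
# tokens: refresh token string => StoredToken
# authenticated_client: Client the request authenticated as, or nil
def revoke_refresh_token(tokens, token, authenticated_client)
  stored = tokens[token]
  if stored
    client = authenticated_client || raise(InvalidClient, 'invalid_client')
    # Ownership check: only the client the token was issued to may revoke it.
    stored.revoke! if client.id == stored.client.id
  end
  # Identical 200 for revoked, unknown and foreign tokens.
  [200, {}, []]
end

# Constructed sample data covering the four outcomes.
def revocation_outcomes
  owner = Client.new('client-a')
  other = Client.new('client-b')
  tokens = { 'rt-owner' => StoredToken.new(owner) }
  stored = tokens['rt-owner']
  out = {}
  out[:unknown] = revoke_refresh_token(tokens, 'no-such-token', other).first
  out[:foreign] = [revoke_refresh_token(tokens, 'rt-owner', other).first, stored.revoked?]
  out[:unauthenticated] = begin
    revoke_refresh_token(tokens, 'rt-owner', nil).first
  rescue InvalidClient
    :invalid_client
  end
  out[:owner] = [revoke_refresh_token(tokens, 'rt-owner', owner).first, stored.revoked?]
  out
end
```

Because the foreign-client and unknown-token cases return the same 200, an authenticated caller cannot use the response to tell whether a token it does not own exists.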