Class: Rack::OAuth2::Server::AuthRequest

Inherits:
ActiveRecord::Base
  • Object
Defined in:
lib/rack/oauth2/models/auth_request.rb

Overview

Authorization request. Represents a request made on behalf of a client to access a particular scope. Use this to keep state from the incoming authorization request until the grant/deny redirect.

Class Method Details

.create(client, scope, redirect_uri, response_type, state) ⇒ Object

Create a new authorization request. This holds state, so in addition to client ID and scope, we need to know the URL to redirect back to and any state value to pass back in that redirect.



# File 'lib/rack/oauth2/models/auth_request.rb', line 21

# Builds and persists a new authorization request for +client+.
#
# @param client        the client record making the request (read for id, scope, redirect_uri)
# @param scope         scope requested by the client, in whatever form Utils.normalize_scope accepts
# @param redirect_uri  redirect URI supplied with the request
# @param response_type response type asked for by the client
# @param state         opaque state value to hand back on the redirect
# @return whatever the superclass +create+ returns for the assembled attributes
def self.create(client, scope, redirect_uri, response_type, state)
  # Keep only the scope values the client itself holds, so a request
  # cannot ask for more than the client was registered with.
  requested = Utils.normalize_scope(scope)
  permitted = Utils.normalize_scope(client.scope)
  effective_scope = requested & permitted

  # A redirect URI stored on the client wins over the one in the request.
  # NOTE(review): when the client has none, the request-supplied value is
  # stored unchanged; no validation happens in this method, so presumably
  # the caller checks it before getting here. Confirm.
  callback = client.redirect_uri || redirect_uri

  record_attrs = {
    :code => Server.secure_random,
    :client_id => client.id,
    :scope => effective_scope.join(' '),
    :redirect_uri => callback,
    :response_type => response_type,
    :state => state
  }

  super(record_attrs)
end

Instance Method Details

#deny! ⇒ Object

Deny access. This seems broken: the method body is entirely commented out, so calling it does nothing.



# File 'lib/rack/oauth2/models/auth_request.rb', line 52

def deny!
  # Currently a no-op: both statements below are commented out, so calling
  # this changes no attribute, persists nothing and returns nil.
  # NOTE(review): grant! only checks `revoked` before issuing a grant or
  # token, so a request "denied" through this method appears to remain
  # grantable. Confirm whether denial is recorded somewhere else.
  # self.authorized_at = Time.now.to_i
  # self.class.collection.update({ :_id=>id }, { :$set=>{ :authorized_at=>authorized_at } })
end

#grant!(identity) ⇒ Object

Grant access to the specified identity.

Raises:

  • (ArgumentError)


# File 'lib/rack/oauth2/models/auth_request.rb', line 37

# Grants this authorization request to +identity+.
#
# Depending on +response_type+, either an access grant (authorization code)
# or an access token is obtained, and its value is stored on this request
# together with the time of authorization.
#
# @param identity the identity access is granted to; must be truthy
# @raise [ArgumentError] when +identity+ is nil or false
# @return nil when the request is revoked, otherwise the result of +update_attributes+
def grant!(identity)
  raise ArgumentError, "Must supply a identity" unless identity
  # A revoked request is left untouched: nothing is issued or written.
  return if revoked

  # NOTE(review): nothing here looks at authorized_at, so a second call on
  # the same request would issue again. Confirm callers prevent reuse.
  issued =
    if response_type == "code"
      # Authorization-code flow: hand out a code bound to client, scope and redirect URI.
      grant = AccessGrant.create(identity, client, scope, redirect_uri)
      { :grant_code => grant.code }
    else
      # Any other response type is treated as a direct access-token request.
      token = AccessToken.get_token_for(identity, client, scope)
      { :access_token => token.token }
    end

  update_attributes(issued.merge(:authorized_at => Time.now))
end