Module: Api::OpenidConnect::ProtectedResourceEndpoint

Included in:
UserInfoController, V1::BaseController
Defined in:
lib/api/openid_connect/protected_resource_endpoint.rb

Instance Attribute Details

#current_token ⇒ Object (readonly)

Returns the value of attribute current_token


# File 'lib/api/openid_connect/protected_resource_endpoint.rb', line 29

# Reader for @current_token.
#
# On this page the only assignment to @current_token is in #access_token?,
# which copies it from request.env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN].
# Treat the value as meaningful only after #access_token? or
# #require_access_token has returned without raising.
#
# @return [Object, nil] the stored token object; nil if nothing has been
#   assigned yet (an unset instance variable reads as nil)
def current_token
  @current_token
end

Instance Method Details

#access_token?(required_scopes) ⇒ Boolean

Returns:

  • (Boolean)

Raises:

  • (Rack::OAuth2::Server::Resource::Bearer::Unauthorized)

# File 'lib/api/openid_connect/protected_resource_endpoint.rb', line 36

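# Checks whether the current request carries an access token whose
# authorization covers +required_scopes+.
#
# The token is read from request.env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN]
# (presumably filled in by the rack-oauth2 resource middleware; confirm it is
# mounted in front of every route that includes this module).
#
# Two outcomes are kept distinct so callers can answer 401 vs 403 correctly:
# a missing token or a token without an authorization raises Unauthorized,
# while a present authorization that lacks the scopes returns false
# (#require_access_token turns that into Forbidden).
#
# @param required_scopes [Object] passed unchanged to authorization.accessible?
# @return [Boolean] true only if the authorization reports the scopes accessible
# @raise [Rack::OAuth2::Server::Resource::Bearer::Unauthorized] when there is
#   no token, or the token has no authorization
def access_token?(required_scopes)
  token = request.env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN]
  authorization = token && token.authorization

  # Publish the token through #current_token only once it is known to have an
  # authorization; otherwise reset it, so that code which rescues Unauthorized
  # can never read an unvalidated (or stale) token from the reader.
  @current_token = authorization ? token : nil

  # NOTE(review): the string is the first positional argument, which
  # rack-oauth2 appears to treat as the error code rather than the
  # description; confirm whether :invalid_token plus a description was meant.
  raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized, "Unauthorized user" unless authorization

  # The authorization is known to be non-nil here, so the nil-tolerant `try`
  # is not needed. Keep its fail-closed handling of an object that lacks
  # accessible?, but answer with false instead of nil.
  return false unless authorization.respond_to?(:accessible?)

  # Normalise to a strict Boolean, as the predicate name promises.
  authorization.accessible?(required_scopes) ? true : false
end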

#require_access_token(required_scopes) ⇒ Object

Raises:

  • (Rack::OAuth2::Server::Resource::Bearer::Forbidden)

# File 'lib/api/openid_connect/protected_resource_endpoint.rb', line 31

# Enforces that the request's access token covers +required_scopes+.
#
# Delegates the check to #access_token?; any Unauthorized raised there
# (no token / no authorization) propagates unchanged, so callers see
# Unauthorized for a missing credential and Forbidden for a valid credential
# with too few scopes.
#
# @param required_scopes [Object] passed unchanged to #access_token?
# @return [nil] when the scopes are accessible
# @raise [Rack::OAuth2::Server::Resource::Bearer::Forbidden] with
#   :insufficient_scope when #access_token? returns a falsy value
def require_access_token(required_scopes)
  return if access_token?(required_scopes)

  raise Rack::OAuth2::Server::Resource::Bearer::Forbidden, :insufficient_scope
end