Class: Doorkeeper::Config

Inherits:
Object
  • Object
show all
Extended by:
Option
Includes:
Validations
Defined in:
lib/doorkeeper/config.rb,
lib/doorkeeper/config/option.rb,
lib/doorkeeper/config/validations.rb,
lib/doorkeeper/config/abstract_builder.rb

Defined Under Namespace

Modules: Option, Validations Classes: AbstractBuilder, Builder

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Option

extended, option

Methods included from Validations

#validate!

Instance Attribute Details

#application_secret_fallback_strategyObject (readonly)

Returns the value of attribute application_secret_fallback_strategy.


472
473
474
# File 'lib/doorkeeper/config.rb', line 472

def application_secret_fallback_strategy
  @application_secret_fallback_strategy
end

#reuse_access_tokenObject (readonly)

Returns the value of attribute reuse_access_token.


472
473
474
# File 'lib/doorkeeper/config.rb', line 472

def reuse_access_token
  @reuse_access_token
end

#token_secret_fallback_strategyObject (readonly)

Returns the value of attribute token_secret_fallback_strategy.


472
473
474
# File 'lib/doorkeeper/config.rb', line 472

def token_secret_fallback_strategy
  @token_secret_fallback_strategy
end

Instance Method Details

#access_grant_modelActiveRecord::Base, ...

Doorkeeper Access Grant model class.

Returns:

  • (ActiveRecord::Base, Mongoid::Document, Sequel::Model)

498
499
500
# File 'lib/doorkeeper/config.rb', line 498

def access_grant_model
  @access_grant_model ||= access_grant_class.constantize
end

#access_token_methodsObject


593
594
595
596
597
598
599
# File 'lib/doorkeeper/config.rb', line 593

def access_token_methods
  @access_token_methods ||= %i[
    from_bearer_authorization
    from_access_token_param
    from_bearer_param
  ]
end

#access_token_modelActiveRecord::Base, ...

Doorkeeper Access Token model class.

Returns:

  • (ActiveRecord::Base, Mongoid::Document, Sequel::Model)

490
491
492
# File 'lib/doorkeeper/config.rb', line 490

def access_token_model
  @access_token_model ||= access_token_class.constantize
end

#allow_blank_redirect_uri?(application = nil) ⇒ Boolean

Returns:

  • (Boolean)

674
675
676
677
678
679
680
# File 'lib/doorkeeper/config.rb', line 674

def allow_blank_redirect_uri?(application = nil)
  if allow_blank_redirect_uri.respond_to?(:call)
    allow_blank_redirect_uri.call(grant_flows, application)
  else
    allow_blank_redirect_uri
  end
end

#allow_grant_flow_for_clientBoolean

Allows to customize OAuth grant flows that each application support. You can configure a custom block (or use a class respond to `#call`) that must return `true` in case Application instance supports requested OAuth grant flow during the authorization request to the server. This configuration doesn't set flows per application, it only allows to check if application supports specific grant flow.

For example you can add an additional database column to `oauth_applications` table, say `t.array :grant_flows, default: []`, and store allowed grant flows that can be used with this application there. Then when authorization requested Doorkeeper will call this block to check if specific Application (passed with client_id and/or client_secret) is allowed to perform the request for the specific grant type (authorization, password, client_credentials, etc).

Example of the block:

->(flow, client) { client.grant_flows.include?(flow) }

In case this option invocation result is `false`, Doorkeeper server returns :unauthorized_client error and stops the request.

Parameters:

  • allow_grant_flow_for_client (Proc)

    Block or any object respond to #call

Returns:

  • (Boolean)

    `true` if allow or `false` if forbid the request


351
# File 'lib/doorkeeper/config.rb', line 351

option :allow_grant_flow_for_client,    default: ->(_grant_flow, _client) { true }

#allow_grant_flow_for_client?(grant_flow, client) ⇒ Boolean

Returns:

  • (Boolean)

682
683
684
685
686
# File 'lib/doorkeeper/config.rb', line 682

def allow_grant_flow_for_client?(grant_flow, client)
  return true unless option_defined?(:allow_grant_flow_for_client)

  allow_grant_flow_for_client.call(grant_flow, client)
end

#api_onlyObject


510
511
512
# File 'lib/doorkeeper/config.rb', line 510

def api_only
  @api_only ||= false
end

#application_modelActiveRecord::Base, ...

Doorkeeper Application model class.

Returns:

  • (ActiveRecord::Base, Mongoid::Document, Sequel::Model)

506
507
508
# File 'lib/doorkeeper/config.rb', line 506

def application_model
  @application_model ||= application_class.constantize
end

#application_secret_hashed?Boolean

Returns:

  • (Boolean)

561
562
563
# File 'lib/doorkeeper/config.rb', line 561

def application_secret_hashed?
  instance_variable_defined?(:"@application_secret_strategy")
end

#application_secret_strategyObject


569
570
571
# File 'lib/doorkeeper/config.rb', line 569

def application_secret_strategy
  @application_secret_strategy ||= ::Doorkeeper::SecretStoring::Plain
end

#authorization_response_flowsObject


605
606
607
608
# File 'lib/doorkeeper/config.rb', line 605

def authorization_response_flows
  @authorization_response_flows ||= enabled_grant_flows.select(&:handles_response_type?) +
                                    deprecated_authorization_flows
end

#authorization_response_typesObject


614
615
616
# File 'lib/doorkeeper/config.rb', line 614

def authorization_response_types
  authorization_response_flows.map(&:response_type_matches)
end

#calculate_authorization_response_typesObject

[NOTE]: deprecated and will be removed soon


645
646
647
# File 'lib/doorkeeper/config.rb', line 645

def calculate_authorization_response_types
  []
end

#calculate_grant_flowsObject

Calculates grant flows configured by the user in Doorkeeper configuration considering registered aliases that is exposed to single or multiple other flows.


660
661
662
663
664
665
666
667
668
669
670
671
672
# File 'lib/doorkeeper/config.rb', line 660

def calculate_grant_flows
  configured_flows = grant_flows.map(&:to_s)
  aliases = Doorkeeper::GrantFlow.aliases.keys.map(&:to_s)

  flows = configured_flows - aliases
  aliases.each do |flow_alias|
    next unless configured_flows.include?(flow_alias)

    flows.concat(Doorkeeper::GrantFlow.expand_alias(flow_alias))
  end

  flows.flatten.uniq
end

#calculate_token_grant_typesObject

[NOTE]: deprecated and will be removed soon


650
651
652
653
654
# File 'lib/doorkeeper/config.rb', line 650

def calculate_token_grant_types
  types = grant_flows - ["implicit"]
  types << "refresh_token" if refresh_token_enabled?
  types
end

#clear_cache!Object


476
477
478
479
480
481
482
483
484
# File 'lib/doorkeeper/config.rb', line 476

def clear_cache!
  %i[
    application_model
    access_token_model
    access_grant_model
  ].each do |var|
    remove_instance_variable("@#{var}") if instance_variable_defined?("@#{var}")
  end
end

#client_credentials_methodsObject


589
590
591
# File 'lib/doorkeeper/config.rb', line 589

def client_credentials_methods
  @client_credentials_methods ||= %i[from_basic from_params]
end

#confirm_application_owner?Boolean

Returns:

  • (Boolean)

553
554
555
# File 'lib/doorkeeper/config.rb', line 553

def confirm_application_owner?
  option_set? :confirm_application_owner
end

#default_scopesObject


573
574
575
# File 'lib/doorkeeper/config.rb', line 573

def default_scopes
  @default_scopes ||= OAuth::Scopes.new
end

#deprecated_authorization_flowsObject

[NOTE]: deprecated and will be removed soon


628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
# File 'lib/doorkeeper/config.rb', line 628

def deprecated_authorization_flows
  response_types = calculate_authorization_response_types

  if response_types.any?
    ::Kernel.warn <<~WARNING
      Please, don't patch Doorkeeper::Config#calculate_authorization_response_types method.
      Register your custom grant flows using the public API:
      `Doorkeeper::GrantFlow.register(grant_flow_name, **options)`.
    WARNING
  end

  response_types.map do |response_type|
    Doorkeeper::GrantFlow::FallbackFlow.new(response_type, response_type_matches: response_type)
  end
end

#deprecated_token_grant_types_resolverObject

[NOTE]: deprecated and will be removed soon


623
624
625
# File 'lib/doorkeeper/config.rb', line 623

def deprecated_token_grant_types_resolver
  @deprecated_token_grant_types ||= calculate_token_grant_types
end

#enable_application_owner?Boolean

Returns:

  • (Boolean)

545
546
547
# File 'lib/doorkeeper/config.rb', line 545

def enable_application_owner?
  option_set? :enable_application_owner
end

#enabled_grant_flowsObject


601
602
603
# File 'lib/doorkeeper/config.rb', line 601

def enabled_grant_flows
  @enabled_grant_flows ||= calculate_grant_flows.map { |name| Doorkeeper::GrantFlow.get(name) }.compact
end

#enforce_configured_scopes?Boolean

Returns:

  • (Boolean)

541
542
543
# File 'lib/doorkeeper/config.rb', line 541

def enforce_configured_scopes?
  option_set? :enforce_configured_scopes
end

#enforce_content_typeObject


514
515
516
# File 'lib/doorkeeper/config.rb', line 514

def enforce_content_type
  @enforce_content_type ||= false
end

#option_defined?(name) ⇒ Boolean

Returns:

  • (Boolean)

688
689
690
# File 'lib/doorkeeper/config.rb', line 688

def option_defined?(name)
  instance_variable_defined?("@#{name}")
end

#optional_scopesObject


577
578
579
# File 'lib/doorkeeper/config.rb', line 577

def optional_scopes
  @optional_scopes ||= OAuth::Scopes.new
end

#polymorphic_resource_owner?Boolean

Returns:

  • (Boolean)

549
550
551
# File 'lib/doorkeeper/config.rb', line 549

def polymorphic_resource_owner?
  option_set? :polymorphic_resource_owner
end

#raise_on_errors?Boolean

Returns:

  • (Boolean)

557
558
559
# File 'lib/doorkeeper/config.rb', line 557

def raise_on_errors?
  handle_auth_errors == :raise
end

#refresh_token_enabled?Boolean

Returns:

  • (Boolean)

518
519
520
521
522
523
524
# File 'lib/doorkeeper/config.rb', line 518

def refresh_token_enabled?
  if defined?(@refresh_token_enabled)
    @refresh_token_enabled
  else
    false
  end
end

#resolve_controller(name) ⇒ Object


526
527
528
529
530
531
532
533
534
535
# File 'lib/doorkeeper/config.rb', line 526

def resolve_controller(name)
  config_option = public_send(:"#{name}_controller")
  controller_name = if config_option.respond_to?(:call)
                      instance_exec(&config_option)
                    else
                      config_option
                    end

  controller_name.constantize
end

#revoke_previous_client_credentials_token?Boolean

Returns:

  • (Boolean)

537
538
539
# File 'lib/doorkeeper/config.rb', line 537

def revoke_previous_client_credentials_token?
  option_set? :revoke_previous_client_credentials_token
end

#scopesObject


581
582
583
# File 'lib/doorkeeper/config.rb', line 581

def scopes
  @scopes ||= default_scopes + optional_scopes
end

#scopes_by_grant_typeObject


585
586
587
# File 'lib/doorkeeper/config.rb', line 585

def scopes_by_grant_type
  @scopes_by_grant_type ||= {}
end

#token_grant_flowsObject


610
611
612
# File 'lib/doorkeeper/config.rb', line 610

def token_grant_flows
  @token_grant_flows ||= calculate_token_grant_flows
end

#token_grant_typesObject


618
619
620
# File 'lib/doorkeeper/config.rb', line 618

def token_grant_types
  token_grant_flows.map(&:grant_type_matches)
end

#token_secret_strategyObject


565
566
567
# File 'lib/doorkeeper/config.rb', line 565

def token_secret_strategy
  @token_secret_strategy ||= ::Doorkeeper::SecretStoring::Plain
end