Class: Doorkeeper::Config

Inherits:
Object
  • Object
show all
Extended by:
Option
Includes:
Validations
Defined in:
lib/doorkeeper/config.rb,
lib/doorkeeper/config/option.rb,
lib/doorkeeper/config/validations.rb,
lib/doorkeeper/config/abstract_builder.rb

Defined Under Namespace

Modules: Option, Validations Classes: AbstractBuilder, Builder

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Option

extended, option

Methods included from Validations

#validate!

Instance Attribute Details

#application_secret_fallback_strategyObject (readonly)

Returns the value of attribute application_secret_fallback_strategy


440
441
442
# File 'lib/doorkeeper/config.rb', line 440

def application_secret_fallback_strategy
  @application_secret_fallback_strategy
end

#reuse_access_tokenObject (readonly)

Returns the value of attribute reuse_access_token


440
441
442
# File 'lib/doorkeeper/config.rb', line 440

def reuse_access_token
  @reuse_access_token
end

#token_secret_fallback_strategyObject (readonly)

Returns the value of attribute token_secret_fallback_strategy


440
441
442
# File 'lib/doorkeeper/config.rb', line 440

def token_secret_fallback_strategy
  @token_secret_fallback_strategy
end

Instance Method Details

#access_grant_modelActiveRecord::Base, ...

Doorkeeper Access Grant model class.

Returns:

  • (ActiveRecord::Base, Mongoid::Document, Sequel::Model)

456
457
458
# File 'lib/doorkeeper/config.rb', line 456

def access_grant_model
  @access_grant_model ||= access_grant_class.constantize
end

#access_token_methodsObject


551
552
553
554
555
556
557
# File 'lib/doorkeeper/config.rb', line 551

def access_token_methods
  @access_token_methods ||= %i[
    from_bearer_authorization
    from_access_token_param
    from_bearer_param
  ]
end

#access_token_modelActiveRecord::Base, ...

Doorkeeper Access Token model class.

Returns:

  • (ActiveRecord::Base, Mongoid::Document, Sequel::Model)

448
449
450
# File 'lib/doorkeeper/config.rb', line 448

def access_token_model
  @access_token_model ||= access_token_class.constantize
end

#allow_blank_redirect_uri?(application = nil) ⇒ Boolean

Returns:

  • (Boolean)

632
633
634
635
636
637
638
# File 'lib/doorkeeper/config.rb', line 632

def allow_blank_redirect_uri?(application = nil)
  if allow_blank_redirect_uri.respond_to?(:call)
    allow_blank_redirect_uri.call(grant_flows, application)
  else
    allow_blank_redirect_uri
  end
end

#allow_grant_flow_for_clientBoolean

Allows to customize OAuth grant flows that each application support. You can configure a custom block (or use a class respond to `#call`) that must return `true` in case Application instance supports requested OAuth grant flow during the authorization request to the server. This configuration doesn't set flows per application, it only allows to check if application supports specific grant flow.

For example you can add an additional database column to `oauth_applications` table, say `t.array :grant_flows, default: []`, and store allowed grant flows that can be used with this application there. Then when authorization requested Doorkeeper will call this block to check if specific Application (passed with client_id and/or client_secret) is allowed to perform the request for the specific grant type (authorization, password, client_credentials, etc).

Example of the block:

->(flow, client) { client.grant_flows.include?(flow) }

In case this option invocation result is `false`, Doorkeeper server returns :unauthorized_client error and stops the request.

Parameters:

  • allow_grant_flow_for_client (Proc)

    Block or any object respond to #call

Returns:

  • (Boolean)

    `true` if allow or `false` if forbid the request


328
# File 'lib/doorkeeper/config.rb', line 328

option :allow_grant_flow_for_client,    default: ->(_grant_flow, _client) { true }

#allow_grant_flow_for_client?(grant_flow, client) ⇒ Boolean

Returns:

  • (Boolean)

640
641
642
643
644
# File 'lib/doorkeeper/config.rb', line 640

def allow_grant_flow_for_client?(grant_flow, client)
  return true unless option_defined?(:allow_grant_flow_for_client)

  allow_grant_flow_for_client.call(grant_flow, client)
end

#api_onlyObject


468
469
470
# File 'lib/doorkeeper/config.rb', line 468

def api_only
  @api_only ||= false
end

#application_modelActiveRecord::Base, ...

Doorkeeper Application model class.

Returns:

  • (ActiveRecord::Base, Mongoid::Document, Sequel::Model)

464
465
466
# File 'lib/doorkeeper/config.rb', line 464

def application_model
  @application_model ||= application_class.constantize
end

#application_secret_hashed?Boolean

Returns:

  • (Boolean)

519
520
521
# File 'lib/doorkeeper/config.rb', line 519

def application_secret_hashed?
  instance_variable_defined?(:"@application_secret_strategy")
end

#application_secret_strategyObject


527
528
529
# File 'lib/doorkeeper/config.rb', line 527

def application_secret_strategy
  @application_secret_strategy ||= ::Doorkeeper::SecretStoring::Plain
end

#authorization_response_flowsObject


563
564
565
566
# File 'lib/doorkeeper/config.rb', line 563

def authorization_response_flows
  @authorization_response_flows ||= enabled_grant_flows.select(&:handles_response_type?) +
                                    deprecated_authorization_flows
end

#authorization_response_typesObject


572
573
574
# File 'lib/doorkeeper/config.rb', line 572

def authorization_response_types
  authorization_response_flows.map(&:response_type_matches)
end

#calculate_authorization_response_typesObject

[NOTE]: deprecated and will be removed soon


603
604
605
# File 'lib/doorkeeper/config.rb', line 603

def calculate_authorization_response_types
  []
end

#calculate_grant_flowsObject

Calculates grant flows configured by the user in Doorkeeper configuration considering registered aliases that is exposed to single or multiple other flows.


618
619
620
621
622
623
624
625
626
627
628
629
630
# File 'lib/doorkeeper/config.rb', line 618

def calculate_grant_flows
  configured_flows = grant_flows.map(&:to_s)
  aliases = Doorkeeper::GrantFlow.aliases.keys.map(&:to_s)

  flows = configured_flows - aliases
  aliases.each do |flow_alias|
    next unless configured_flows.include?(flow_alias)

    flows.concat(Doorkeeper::GrantFlow.expand_alias(flow_alias))
  end

  flows.flatten.uniq
end

#calculate_token_grant_typesObject

[NOTE]: deprecated and will be removed soon


608
609
610
611
612
# File 'lib/doorkeeper/config.rb', line 608

def calculate_token_grant_types
  types = grant_flows - ["implicit"]
  types << "refresh_token" if refresh_token_enabled?
  types
end

#client_credentials_methodsObject


547
548
549
# File 'lib/doorkeeper/config.rb', line 547

def client_credentials_methods
  @client_credentials_methods ||= %i[from_basic from_params]
end

#confirm_application_owner?Boolean

Returns:

  • (Boolean)

511
512
513
# File 'lib/doorkeeper/config.rb', line 511

def confirm_application_owner?
  option_set? :confirm_application_owner
end

#default_scopesObject


531
532
533
# File 'lib/doorkeeper/config.rb', line 531

def default_scopes
  @default_scopes ||= OAuth::Scopes.new
end

#deprecated_authorization_flowsObject

[NOTE]: deprecated and will be removed soon


586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
# File 'lib/doorkeeper/config.rb', line 586

def deprecated_authorization_flows
  response_types = calculate_authorization_response_types

  if response_types.any?
    ::Kernel.warn <<~WARNING
      Please, don't patch Doorkeeper::Config#calculate_authorization_response_types method.
      Register your custom grant flows using the public API:
      `Doorkeeper::GrantFlow.register(grant_flow_name, **options)`.
    WARNING
  end

  response_types.map do |response_type|
    Doorkeeper::GrantFlow::FallbackFlow.new(response_type, response_type_matches: response_type)
  end
end

#deprecated_token_grant_types_resolverObject

[NOTE]: deprecated and will be removed soon


581
582
583
# File 'lib/doorkeeper/config.rb', line 581

def deprecated_token_grant_types_resolver
  @deprecated_token_grant_types ||= calculate_token_grant_types
end

#enable_application_owner?Boolean

Returns:

  • (Boolean)

503
504
505
# File 'lib/doorkeeper/config.rb', line 503

def enable_application_owner?
  option_set? :enable_application_owner
end

#enabled_grant_flowsObject


559
560
561
# File 'lib/doorkeeper/config.rb', line 559

def enabled_grant_flows
  @enabled_grant_flows ||= calculate_grant_flows.map { |name| Doorkeeper::GrantFlow.get(name) }.compact
end

#enforce_configured_scopes?Boolean

Returns:

  • (Boolean)

499
500
501
# File 'lib/doorkeeper/config.rb', line 499

def enforce_configured_scopes?
  option_set? :enforce_configured_scopes
end

#enforce_content_typeObject


472
473
474
# File 'lib/doorkeeper/config.rb', line 472

def enforce_content_type
  @enforce_content_type ||= false
end

#option_defined?(name) ⇒ Boolean

Returns:

  • (Boolean)

646
647
648
# File 'lib/doorkeeper/config.rb', line 646

def option_defined?(name)
  instance_variable_defined?("@#{name}")
end

#optional_scopesObject


535
536
537
# File 'lib/doorkeeper/config.rb', line 535

def optional_scopes
  @optional_scopes ||= OAuth::Scopes.new
end

#polymorphic_resource_owner?Boolean

Returns:

  • (Boolean)

507
508
509
# File 'lib/doorkeeper/config.rb', line 507

def polymorphic_resource_owner?
  option_set? :polymorphic_resource_owner
end

#raise_on_errors?Boolean

Returns:

  • (Boolean)

515
516
517
# File 'lib/doorkeeper/config.rb', line 515

def raise_on_errors?
  handle_auth_errors == :raise
end

#refresh_token_enabled?Boolean

Returns:

  • (Boolean)

476
477
478
479
480
481
482
# File 'lib/doorkeeper/config.rb', line 476

def refresh_token_enabled?
  if defined?(@refresh_token_enabled)
    @refresh_token_enabled
  else
    false
  end
end

#resolve_controller(name) ⇒ Object


484
485
486
487
488
489
490
491
492
493
# File 'lib/doorkeeper/config.rb', line 484

def resolve_controller(name)
  config_option = public_send(:"#{name}_controller")
  controller_name = if config_option.respond_to?(:call)
                      instance_exec(&config_option)
                    else
                      config_option
                    end

  controller_name.constantize
end

#revoke_previous_client_credentials_token?Boolean

Returns:

  • (Boolean)

495
496
497
# File 'lib/doorkeeper/config.rb', line 495

def revoke_previous_client_credentials_token?
  option_set? :revoke_previous_client_credentials_token
end

#scopesObject


539
540
541
# File 'lib/doorkeeper/config.rb', line 539

def scopes
  @scopes ||= default_scopes + optional_scopes
end

#scopes_by_grant_typeObject


543
544
545
# File 'lib/doorkeeper/config.rb', line 543

def scopes_by_grant_type
  @scopes_by_grant_type ||= {}
end

#token_grant_flowsObject


568
569
570
# File 'lib/doorkeeper/config.rb', line 568

def token_grant_flows
  @token_grant_flows ||= calculate_token_grant_flows
end

#token_grant_typesObject


576
577
578
# File 'lib/doorkeeper/config.rb', line 576

def token_grant_types
  token_grant_flows.map(&:grant_type_matches)
end

#token_secret_strategyObject


523
524
525
# File 'lib/doorkeeper/config.rb', line 523

def token_secret_strategy
  @token_secret_strategy ||= ::Doorkeeper::SecretStoring::Plain
end