Class: Doorkeeper::Config::Builder
- Inherits:
-
AbstractBuilder
- Object
- AbstractBuilder
- Doorkeeper::Config::Builder
- Defined in:
- lib/doorkeeper/config.rb
Overview
Default Doorkeeper configuration builder
Instance Attribute Summary
Attributes inherited from AbstractBuilder
Instance Method Summary collapse
-
#access_token_methods(*methods) ⇒ Object
Change the way access token is authenticated from the request object.
-
#api_only ⇒ Object
Use an API mode for applications generated with –api argument It will skip applications controller, disable forgery protection.
-
#client_credentials(*methods) ⇒ Object
Change the way client credentials are retrieved from the request object.
- #confirm_application_owner ⇒ Object
-
#default_scopes(*scopes) ⇒ Object
Define default access token scopes for your provider.
-
#enable_application_owner(opts = {}) ⇒ Object
Provide support for an owner to be assigned to each registered application (disabled by default) Optional parameter confirmation: true (default false) if you want to enforce ownership of a registered application.
-
#enforce_configured_scopes ⇒ Object
Forbids creating/updating applications with arbitrary scopes that are not in configuration, i.e.
-
#enforce_content_type ⇒ Object
Enforce request content type as the spec requires: disabled by default for backward compatibility.
-
#hash_application_secrets(using: nil, fallback: nil) ⇒ Object
Allow optional hashing of application secrets before persisting them.
-
#hash_token_secrets(using: nil, fallback: nil) ⇒ Object
Allow optional hashing of input tokens before persisting them.
-
#optional_scopes(*scopes) ⇒ Object
Define default access token scopes for your provider.
-
#reuse_access_token ⇒ Object
Reuse access token for the same resource owner within an application (disabled by default) Rationale: github.com/doorkeeper-gem/doorkeeper/issues/383.
-
#revoke_previous_client_credentials_token ⇒ Object
TODO: maybe make it more generic for other flows too? Only allow one valid access token obtained via client credentials per client.
-
#scopes_by_grant_type(hash = {}) ⇒ Object
Define scopes_by_grant_type to limit certain scope to certain grant_type Default set to {} i.e.
-
#use_polymorphic_resource_owner ⇒ Object
Enables polymorphic Resource Owner association for Access Grant and Access Token models.
-
#use_refresh_token(enabled = true, &block) ⇒ Object
Issue access tokens with refresh token (disabled if not set).
-
#use_url_path_for_native_authorization ⇒ Object
Choose to use the url path for native autorization codes Enabling this flag sets the authorization code response route for native redirect uris to oauth/authorize/<code>.
Methods inherited from AbstractBuilder
Constructor Details
This class inherits a constructor from Doorkeeper::Config::AbstractBuilder
Instance Method Details
#access_token_methods(*methods) ⇒ Object
Change the way access token is authenticated from the request object. By default it retrieves first from the ‘HTTP_AUTHORIZATION` header, then falls back to the `:access_token` or `:bearer_token` params from the `params` object.
73 74 75 |
# File 'lib/doorkeeper/config.rb', line 73 def access_token_methods(*methods) @config.instance_variable_set(:@access_token_methods, methods) end |
#api_only ⇒ Object
Use an API mode for applications generated with –api argument It will skip applications controller, disable forgery protection
111 112 113 |
# File 'lib/doorkeeper/config.rb', line 111 def api_only @config.instance_variable_set(:@api_only, true) end |
#client_credentials(*methods) ⇒ Object
Change the way client credentials are retrieved from the request object. By default it retrieves first from the ‘HTTP_AUTHORIZATION` header, then falls back to the `:client_id` and `:client_secret` params from the `params` object.
63 64 65 |
# File 'lib/doorkeeper/config.rb', line 63 def client_credentials(*methods) @config.instance_variable_set(:@client_credentials_methods, methods) end |
#confirm_application_owner ⇒ Object
30 31 32 |
# File 'lib/doorkeeper/config.rb', line 30 def confirm_application_owner @config.instance_variable_set(:@confirm_application_owner, true) end |
#default_scopes(*scopes) ⇒ Object
Define default access token scopes for your provider
token scopes
38 39 40 |
# File 'lib/doorkeeper/config.rb', line 38 def default_scopes(*scopes) @config.instance_variable_set(:@default_scopes, OAuth::Scopes.from_array(scopes)) end |
#enable_application_owner(opts = {}) ⇒ Object
Provide support for an owner to be assigned to each registered application (disabled by default) Optional parameter confirmation: true (default false) if you want to enforce ownership of a registered application
25 26 27 28 |
# File 'lib/doorkeeper/config.rb', line 25 def enable_application_owner(opts = {}) @config.instance_variable_set(:@enable_application_owner, true) confirm_application_owner if opts[:confirmation].present? && opts[:confirmation] end |
#enforce_configured_scopes ⇒ Object
Forbids creating/updating applications with arbitrary scopes that are not in configuration, i.e. ‘default_scopes` or `optional_scopes`. (disabled by default)
124 125 126 |
# File 'lib/doorkeeper/config.rb', line 124 def enforce_configured_scopes @config.instance_variable_set(:@enforce_configured_scopes, true) end |
#enforce_content_type ⇒ Object
Enforce request content type as the spec requires: disabled by default for backward compatibility.
130 131 132 |
# File 'lib/doorkeeper/config.rb', line 130 def enforce_content_type @config.instance_variable_set(:@enforce_content_type, true) end |
#hash_application_secrets(using: nil, fallback: nil) ⇒ Object
Allow optional hashing of application secrets before persisting them. Will be used for hashing of input token and grants.
157 158 159 160 161 162 |
# File 'lib/doorkeeper/config.rb', line 157 def hash_application_secrets(using: nil, fallback: nil) default = "::Doorkeeper::SecretStoring::Sha256Hash" configure_secrets_for :application, using: using || default, fallback: fallback end |
#hash_token_secrets(using: nil, fallback: nil) ⇒ Object
Allow optional hashing of input tokens before persisting them. Will be used for hashing of input token and grants.
142 143 144 145 146 147 |
# File 'lib/doorkeeper/config.rb', line 142 def hash_token_secrets(using: nil, fallback: nil) default = "::Doorkeeper::SecretStoring::Sha256Hash" configure_secrets_for :token, using: using || default, fallback: fallback end |
#optional_scopes(*scopes) ⇒ Object
Define default access token scopes for your provider
token scopes
46 47 48 |
# File 'lib/doorkeeper/config.rb', line 46 def optional_scopes(*scopes) @config.instance_variable_set(:@optional_scopes, OAuth::Scopes.from_array(scopes)) end |
#reuse_access_token ⇒ Object
Reuse access token for the same resource owner within an application (disabled by default) Rationale: github.com/doorkeeper-gem/doorkeeper/issues/383
88 89 90 |
# File 'lib/doorkeeper/config.rb', line 88 def reuse_access_token @config.instance_variable_set(:@reuse_access_token, true) end |
#revoke_previous_client_credentials_token ⇒ Object
TODO: maybe make it more generic for other flows too? Only allow one valid access token obtained via client credentials per client. If a new access token is obtained before the old one expired, the old one gets revoked (disabled by default)
105 106 107 |
# File 'lib/doorkeeper/config.rb', line 105 def revoke_previous_client_credentials_token @config.instance_variable_set(:@revoke_previous_client_credentials_token, true) end |
#scopes_by_grant_type(hash = {}) ⇒ Object
Define scopes_by_grant_type to limit certain scope to certain grant_type Default set to {} i.e. no limitation on scopes usage
53 54 55 |
# File 'lib/doorkeeper/config.rb', line 53 def scopes_by_grant_type(hash = {}) @config.instance_variable_set(:@scopes_by_grant_type, hash) end |
#use_polymorphic_resource_owner ⇒ Object
Enables polymorphic Resource Owner association for Access Grant and Access Token models. Requires additional database columns to be setup.
117 118 119 |
# File 'lib/doorkeeper/config.rb', line 117 def use_polymorphic_resource_owner @config.instance_variable_set(:@polymorphic_resource_owner, true) end |
#use_refresh_token(enabled = true, &block) ⇒ Object
Issue access tokens with refresh token (disabled if not set)
78 79 80 81 82 83 |
# File 'lib/doorkeeper/config.rb', line 78 def use_refresh_token(enabled = true, &block) @config.instance_variable_set( :@refresh_token_enabled, block || enabled, ) end |
#use_url_path_for_native_authorization ⇒ Object
Choose to use the url path for native autorization codes Enabling this flag sets the authorization code response route for native redirect uris to oauth/authorize/<code>. The default is oauth/authorize/native?code=<code>. Rationale: github.com/doorkeeper-gem/doorkeeper/issues/1143
97 98 99 |
# File 'lib/doorkeeper/config.rb', line 97 def @config.instance_variable_set(:@use_url_path_for_native_authorization, true) end |