Class: Doorkeeper::Config::Builder

Inherits:
AbstractBuilder show all
Defined in:
lib/doorkeeper/config.rb

Overview

Default Doorkeeper configuration builder

Instance Attribute Summary

Attributes inherited from AbstractBuilder

#config

Instance Method Summary collapse

Methods inherited from AbstractBuilder

#build, #initialize

Constructor Details

This class inherits a constructor from Doorkeeper::Config::AbstractBuilder

Instance Method Details

#access_token_methods(*methods) ⇒ Object

Change the way access token is authenticated from the request object. By default it retrieves first from the `HTTP_AUTHORIZATION` header, then falls back to the `:access_token` or `:bearer_token` params from the `params` object.

Parameters:

  • methods (Array)

    Define access token methods


121
122
123
# File 'lib/doorkeeper/config.rb', line 121

def access_token_methods(*methods)
  @config.instance_variable_set(:@access_token_methods, methods)
end

#api_onlyObject

Use an API mode for applications generated with –api argument It will skip applications controller, disable forgery protection


150
151
152
# File 'lib/doorkeeper/config.rb', line 150

def api_only
  @config.instance_variable_set(:@api_only, true)
end

#client_credentials(*methods) ⇒ Object

Change the way client credentials are retrieved from the request object. By default it retrieves first from the `HTTP_AUTHORIZATION` header, then falls back to the `:client_id` and `:client_secret` params from the `params` object.

Parameters:

  • methods (Array)

    Define client credentials


111
112
113
# File 'lib/doorkeeper/config.rb', line 111

def client_credentials(*methods)
  @config.instance_variable_set(:@client_credentials_methods, methods)
end

#confirm_application_ownerObject


78
79
80
# File 'lib/doorkeeper/config.rb', line 78

def confirm_application_owner
  @config.instance_variable_set(:@confirm_application_owner, true)
end

#default_scopes(*scopes) ⇒ Object

Define default access token scopes for your provider

token scopes

Parameters:

  • scopes (Array)

    Default set of access (OAuth::Scopes.new)


86
87
88
# File 'lib/doorkeeper/config.rb', line 86

def default_scopes(*scopes)
  @config.instance_variable_set(:@default_scopes, OAuth::Scopes.from_array(scopes))
end

#enable_application_owner(opts = {}) ⇒ Object

Provide support for an owner to be assigned to each registered application (disabled by default) Optional parameter confirmation: true (default false) if you want to enforce ownership of a registered application

Parameters:

  • opts (Hash) (defaults to: {})

    the options to confirm if an application owner is present

  • opts[Boolean] (Hash)

    a customizable set of options


73
74
75
76
# File 'lib/doorkeeper/config.rb', line 73

def enable_application_owner(opts = {})
  @config.instance_variable_set(:@enable_application_owner, true)
  confirm_application_owner if opts[:confirmation].present? && opts[:confirmation]
end

#enforce_configured_scopesObject

Forbids creating/updating applications with arbitrary scopes that are not in configuration, i.e. `default_scopes` or `optional_scopes`. (disabled by default)


163
164
165
# File 'lib/doorkeeper/config.rb', line 163

def enforce_configured_scopes
  @config.instance_variable_set(:@enforce_configured_scopes, true)
end

#enforce_content_typeObject

Enforce request content type as the spec requires: disabled by default for backward compatibility.


169
170
171
# File 'lib/doorkeeper/config.rb', line 169

def enforce_content_type
  @config.instance_variable_set(:@enforce_content_type, true)
end

#hash_application_secrets(using: nil, fallback: nil) ⇒ Object

Allow optional hashing of application secrets before persisting them. Will be used for hashing of input token and grants.

Parameters:

  • using (defaults to: nil)

    Provide a different secret storage implementation for applications

  • fallback (defaults to: nil)

    Provide a fallback secret storage implementation for applications or use :plain to fallback to plain application secrets


196
197
198
199
200
201
# File 'lib/doorkeeper/config.rb', line 196

def hash_application_secrets(using: nil, fallback: nil)
  default = "::Doorkeeper::SecretStoring::Sha256Hash"
  configure_secrets_for :application,
                        using: using || default,
                        fallback: fallback
end

#hash_token_secrets(using: nil, fallback: nil) ⇒ Object

Allow optional hashing of input tokens before persisting them. Will be used for hashing of input token and grants.

Parameters:

  • using (defaults to: nil)

    Provide a different secret storage implementation class for tokens

  • fallback (defaults to: nil)

    Provide a fallback secret storage implementation class for tokens or use :plain to fallback to plain tokens


181
182
183
184
185
186
# File 'lib/doorkeeper/config.rb', line 181

def hash_token_secrets(using: nil, fallback: nil)
  default = "::Doorkeeper::SecretStoring::Sha256Hash"
  configure_secrets_for :token,
                        using: using || default,
                        fallback: fallback
end

#optional_scopes(*scopes) ⇒ Object

Define default access token scopes for your provider

token scopes

Parameters:

  • scopes (Array)

    Optional set of access (OAuth::Scopes.new)


94
95
96
# File 'lib/doorkeeper/config.rb', line 94

def optional_scopes(*scopes)
  @config.instance_variable_set(:@optional_scopes, OAuth::Scopes.from_array(scopes))
end

#reuse_access_tokenObject

Reuse access token for the same resource owner within an application (disabled by default) Rationale: github.com/doorkeeper-gem/doorkeeper/issues/383


136
137
138
# File 'lib/doorkeeper/config.rb', line 136

def reuse_access_token
  @config.instance_variable_set(:@reuse_access_token, true)
end

#revoke_previous_client_credentials_tokenObject

TODO: maybe make it more generic for other flows too? Only allow one valid access token obtained via client credentials per client. If a new access token is obtained before the old one expired, the old one gets revoked (disabled by default)


144
145
146
# File 'lib/doorkeeper/config.rb', line 144

def revoke_previous_client_credentials_token
  @config.instance_variable_set(:@revoke_previous_client_credentials_token, true)
end

#scopes_by_grant_type(hash = {}) ⇒ Object

Define scopes_by_grant_type to limit certain scope to certain grant_type Default set to {} i.e. no limitation on scopes usage

Parameters:

  • with (Hash)

    grant_types as keys.


101
102
103
# File 'lib/doorkeeper/config.rb', line 101

def scopes_by_grant_type(hash = {})
  @config.instance_variable_set(:@scopes_by_grant_type, hash)
end

#use_polymorphic_resource_ownerObject

Enables polymorphic Resource Owner association for Access Grant and Access Token models. Requires additional database columns to be setup.


156
157
158
# File 'lib/doorkeeper/config.rb', line 156

def use_polymorphic_resource_owner
  @config.instance_variable_set(:@polymorphic_resource_owner, true)
end

#use_refresh_token(enabled = true, &block) ⇒ Object

Issue access tokens with refresh token (disabled if not set)


126
127
128
129
130
131
# File 'lib/doorkeeper/config.rb', line 126

def use_refresh_token(enabled = true, &block)
  @config.instance_variable_set(
    :@refresh_token_enabled,
    block || enabled,
  )
end