devise_oauth2_providable 0.3.4 → 0.3.5

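--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -1,5 +1,4 @@
- require 'token_endpoint'
- Rails.application.routes.draw do |map|
+ Rails.application.routes.draw do
  scope '/oauth2', :name_prefix => 'oauth2' do
  resources :authorizations, :controller => 'oauth2/authorizations', :only => :create
  resource :token, :controller => 'oauth2/tokens', :only => :create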
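Review bot: Dropping `require 'token_endpoint'` at the top of routes.rb is only safe if nothing still references `TokenEndpoint`, and no change to the `oauth2/tokens` controller is visible on this page, so that is worth confirming before release. A leftover reference would most likely surface as a NameError when the token route is first hit rather than at load time. Separately, the unchanged `scope` line still passes `:name_prefix => 'oauth2'` while this commit moves the file to the argument-free `routes.draw do` form. As far as I recall the newer router expects `:as` here, e.g. `scope '/oauth2', :as => 'oauth2' do`, so check this against the Rails version the gem targets and confirm the generated route helper names do not change.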
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module Oauth2Providable
3
- VERSION = "0.3.4"
3
+ VERSION = "0.3.5"
4
4
  end
5
5
  end
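--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
  --- !ruby/object:Gem::Specification
  name: devise_oauth2_providable
  version: !ruby/object:Gem::Version
- hash: 27
+ hash: 25
  prerelease:
  segments:
  - 0
  - 3
- - 4
- version: 0.3.4
+ - 5
+ version: 0.3.5
  platform: ruby
  authors:
  - Ryan Sonnek
@@ -123,7 +123,6 @@ files:
  - lib/devise_oauth2_providable/strategy.rb
  - lib/devise_oauth2_providable/version.rb
  - lib/expirable_token.rb
- - lib/token_endpoint.rb
  - spec/devise_oauth2_providable_spec.rb
  - spec/rails_app/.gitignore
  - spec/rails_app/.rspec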
@@ -1,57 +0,0 @@
1
- class TokenEndpoint
2
- class InvalidGrantType < StandardError; end
3
- def call(env)
4
- authenticator.call(env)
5
- end
6
-
7
- private
8
-
9
- def authenticator
10
- Rack::OAuth2::Server::Token.new do |req, res|
11
- client = Client.find_by_identifier(req.client_id)
12
- req.invalid_client! unless client && client.secret == req.client_secret
13
- begin
14
- res.access_token = access_token(req, client).to_bearer_token
15
- rescue => e
16
- puts e.inspect
17
- req.invalid_grant!
18
- end
19
- end
20
- end
21
-
22
- def access_token(req, client)
23
- refresh_token = find_refresh_token(req, client)
24
- refresh_token.access_tokens.create!(:client => client, :user => refresh_token.user)
25
- end
26
-
27
- # NOTE: extended assertion grant_types are not supported yet.
28
- # NOTE: client_credentials grant_types are not yet supported
29
- def find_refresh_token(req, client)
30
- case req.grant_type
31
- when :authorization_code
32
- code = AuthorizationCode.valid.find_by_token(req.code)
33
- raise InvalidGrantType.new('invalid authorization code') unless code && code.valid_request?(req)
34
- client.refresh_tokens.create! :user => code.user
35
- when :password
36
- resource = mapping.to.find_for_authentication(mapping.to.authentication_keys.first => req.username)
37
- raise InvalidGrantType.new('user not found') unless resource
38
- raise InvalidGrantType.new('user does not support password authentication') unless resource.respond_to?(:valid_password?)
39
- valid = resource.valid_for_authentication? { resource.valid_password?(req.password) }
40
- raise InvalidGrantType.new("authentication failed: #{valid}") unless valid.is_a?(TrueClass)
41
- client.refresh_tokens.create! :user => resource
42
- when :refresh_token
43
- refresh_token = client.refresh_tokens.valid.find_by_token(req.refresh_token)
44
- raise InvalidGrantType.new('refresh token not found') unless refresh_token
45
- refresh_token
46
- else
47
- raise InvalidGrantType.new('invalid grant type')
48
- end
49
- end
50
- def mapping
51
- Devise.mappings[scope]
52
- end
53
- #TODO: allow configurable mapping to other resources
54
- def scope
55
- :user
56
- end
57
- end