devise_oauth2_providable 1.0.0 → 1.0.1
- data/README.md +16 -3
- data/app/controllers/devise/oauth2_providable/tokens_controller.rb +2 -2
- data/lib/devise/oauth2_providable/strategies/oauth2_grant_type_strategy.rb +3 -2
- data/lib/devise/oauth2_providable/strategies/oauth2_providable_strategy.rb +1 -1
- data/lib/devise/oauth2_providable/strategies/oauth2_refresh_token_grant_type_strategy.rb +1 -1
- data/lib/devise/oauth2_providable/version.rb +1 -1
- data/lib/devise_oauth2_providable.rb +3 -0
- metadata +4 -4
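--- a/data/README.md
+++ b/data/README.md
@@ -67,7 +67,11 @@ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.3
 Short lived token used by clients to perform subsequent requests (see
 bearer token spec)
 
-expires after 15min by default.
+expires after 15min by default. to customize the duration of the access token:
+
+```ruby
+Devise::Oauth2Providable::AccessToken.default_lifetime = 1.minute
+```
 
 ### RefreshToken
 http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.5
@@ -75,7 +79,11 @@ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.5
 Long lived token used by clients to request new access tokens without
 requiring user intervention to re-authorize.
 
-expires after 1 month by default.
+expires after 1 month by default. to customize the duration of refresh token:
+
+```ruby
+Devise::Oauth2Providable::RefreshToken.default_lifetime = 1.year
+```
 
 ### AuthorizationCode
 http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.4.1
@@ -83,7 +91,12 @@ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.4.1
 *Very* short lived token created to allow a client to request an access
 token after a user has gone through the authorization flow.
 
-expires after 1min by default.
+expires after 1min by default. to customize the duration of the
+authorization code:
+
+```ruby
+Devise::Oauth2Providable::AuthorizationCode.default_lifetime = 5.minutes
+```
 
 ## Routes
 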
@@ -9,9 +9,9 @@ class Devise::Oauth2Providable::TokensController < ApplicationController
|
|
9
9
|
end
|
10
10
|
private
|
11
11
|
def oauth2_current_client
|
12
|
-
env[
|
12
|
+
env[Devise::Oauth2Providable::CLIENT_ENV_REF]
|
13
13
|
end
|
14
14
|
def oauth2_current_refresh_token
|
15
|
-
env[
|
15
|
+
env[Devise::Oauth2Providable::REFRESH_TOKEN_ENV_REF]
|
16
16
|
end
|
17
17
|
end
|
@@ -12,8 +12,9 @@ module Devise
|
|
12
12
|
end
|
13
13
|
|
14
14
|
def client
|
15
|
-
@client
|
16
|
-
|
15
|
+
return @client if @client
|
16
|
+
@client = Devise::Oauth2Providable::Client.find_by_identifier params[:client_id]
|
17
|
+
env[Devise::Oauth2Providable::CLIENT_ENV_REF] = @client
|
17
18
|
@client
|
18
19
|
end
|
19
20
|
# return custom error response in accordance with the oauth spec
|
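Review bot: `client` resolves the client from `params[:client_id]` alone and then publishes it to `env[Devise::Oauth2Providable::CLIENT_ENV_REF]`, so in the lines shown the env entry describes an identified client, not an authenticated one; whether the client secret is checked elsewhere in the strategy is outside this hunk. A failed lookup also writes `nil` into the env and is not memoized, because `return @client if @client` only short-circuits on a hit. I would publish only on a hit, `env[Devise::Oauth2Providable::CLIENT_ENV_REF] = @client if @client`, and add a comment above `def client` such as `# looked up by client_id only; callers must not treat the env entry as proof of client authentication`.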
@@ -10,7 +10,7 @@ module Devise
|
|
10
10
|
def authenticate!
|
11
11
|
@req.setup!
|
12
12
|
token = Devise::Oauth2Providable::AccessToken.valid.find_by_token @req.access_token
|
13
|
-
env[
|
13
|
+
env[Devise::Oauth2Providable::CLIENT_ENV_REF] = token.client if token
|
14
14
|
resource = token ? token.user : nil
|
15
15
|
if validate(resource)
|
16
16
|
success! resource
|
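Review bot: In `authenticate!` the client is written to `env[Devise::Oauth2Providable::CLIENT_ENV_REF]` before `validate(resource)` has run, so a request whose token is found but whose user fails validation still leaves a client in the env for anything later in the stack that reads it. Moving the assignment into the success branch keeps the env entry tied to a completed authentication: `env[Devise::Oauth2Providable::CLIENT_ENV_REF] = token.client` placed directly before `success! resource`. The rest of `authenticate!` lies past the end of the hunk, so the failure branch could not be checked.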
@@ -9,7 +9,7 @@ module Devise
|
|
9
9
|
|
10
10
|
def authenticate!
|
11
11
|
if client && refresh_token = client.refresh_tokens.valid.find_by_token(params[:refresh_token])
|
12
|
-
env[
|
12
|
+
env[Devise::Oauth2Providable::REFRESH_TOKEN_ENV_REF] = refresh_token
|
13
13
|
success! refresh_token.user
|
14
14
|
elsif !halted?
|
15
15
|
oauth_error! :invalid_grant, 'invalid refresh token'
|
@@ -12,6 +12,9 @@ require 'devise/oauth2_providable/models/oauth2_authorization_code_grantable'
|
|
12
12
|
|
13
13
|
module Devise
|
14
14
|
module Oauth2Providable
|
15
|
+
CLIENT_ENV_REF = 'oauth2.client'
|
16
|
+
REFRESH_TOKEN_ENV_REF = "oauth2.refresh_token"
|
17
|
+
|
15
18
|
class << self
|
16
19
|
def random_id
|
17
20
|
SecureRandom.hex
|
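Review bot: The two new constants are undocumented and written inconsistently: `CLIENT_ENV_REF` uses single quotes, `REFRESH_TOKEN_ENV_REF` uses double quotes, and neither string is frozen. In the other hunks on this page the strategies write these Rack env keys and the tokens controller reads them, so a short comment naming the writer and the reader of each key would help, for example `# Rack env key set by the OAuth2 strategies once a client has been resolved`. Suggested form: `CLIENT_ENV_REF = 'oauth2.client'.freeze` and `REFRESH_TOKEN_ENV_REF = 'oauth2.refresh_token'.freeze`.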
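--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: devise_oauth2_providable
 version: !ruby/object:Gem::Version
-hash:
+hash: 21
 prerelease:
 segments:
 - 1
 - 0
--
-version: 1.0.
+- 1
+version: 1.0.1
 platform: ruby
 authors:
 - Ryan Sonnek
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-10-
+date: 2011-10-27 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails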