grape_oauth2 0.1.1 → 0.2.0

data/lib/grape_oauth2/generators/authorization.rb

@@ -1,44 +1,44 @@
-module Grape
-  module OAuth2
-    module Generators
-      # OAuth2 Authorization generator class.
-      # Processes the request and builds the response.
-      class Authorization < Base
-        class << self
-          # Generates Authorization Response based on the request.
-          #
-          # @return [Grape::OAuth2::Responses::Authorization] response
-          #
-          def generate_for(env, &_block)
-            authorization = Rack::OAuth2::Server::Authorize.new do |request, response|
-              if block_given?
-                yield request, response
-              else
-                execute_default(request, response)
-              end
-            end
-
-            Grape::OAuth2::Responses::Authorization.new(authorization.call(env))
-          rescue Rack::OAuth2::Server::Authorize::BadRequest => error
-            error_response(error)
-          end
-
-          private
-
-          def error_response(error)
-            response = Rack::Response.new
-            response.status = error.status
-            response.header['Content-Type'] = 'application/json'
-            response.write(JSON.dump(Rack::OAuth2::Util.compact_hash(error.protocol_params)))
-
-            Grape::OAuth2::Responses::Authorization.new(response.finish)
-          end
-
-          def execute_default(request, response)
-            Grape::OAuth2::Strategies::AuthorizationCode.process(request, response)
-          end
-        end
-      end
-    end
-  end
-end
+module Grape
+  module OAuth2
+    module Generators
+      # OAuth2 Authorization generator class.
+      # Processes the request and builds the response.
+      class Authorization < Base
+        class << self
+          # Generates Authorization Response based on the request.
+          #
+          # @return [Grape::OAuth2::Responses::Authorization] response
+          #
+          def generate_for(env, &_block)
+            authorization = Rack::OAuth2::Server::Authorize.new do |request, response|
+              if block_given?
+                yield request, response
+              else
+                execute_default(request, response)
+              end
+            end
+
+            Grape::OAuth2::Responses::Authorization.new(authorization.call(env))
+          rescue Rack::OAuth2::Server::Authorize::BadRequest => error
+            error_response(error)
+          end
+
+          private
+
+          def error_response(error)
+            response = Rack::Response.new
+            response.status = error.status
+            response.header['Content-Type'] = 'application/json'
+            response.write(JSON.dump(Rack::OAuth2::Util.compact_hash(error.protocol_params)))
+
+            Grape::OAuth2::Responses::Authorization.new(response.finish)
+          end
+
+          def execute_default(request, response)
+            Grape::OAuth2::Strategies::AuthorizationCode.process(request, response)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/generators/base.rb

@@ -1,26 +1,26 @@
-module Grape
-  module OAuth2
-    module Generators
-      # Base class for Grape::OAuth2 generators.
-      # Grape::OAuth2 generators processes the requests and
-      # generates responses with Access Token or Authorization Code.
-      class Base
-        class << self
-          # Allowed grant types from the Grape::OAuth2 configuration.
-          #
-          # @return [Array]
-          #   allowed grant types
-          #
-          def allowed_grants
-            config.allowed_grant_types
-          end
-
-          # Short getter for Grape::OAuth2 configuration.
-          def config
-            Grape::OAuth2.config
-          end
-        end
-      end
-    end
-  end
-end
+module Grape
+  module OAuth2
+    module Generators
+      # Base class for Grape::OAuth2 generators.
+      # Grape::OAuth2 generators processes the requests and
+      # generates responses with Access Token or Authorization Code.
+      class Base
+        class << self
+          # Allowed grant types from the Grape::OAuth2 configuration.
+          #
+          # @return [Array]
+          #   allowed grant types
+          #
+          def allowed_grants
+            config.allowed_grant_types
+          end
+
+          # Short getter for Grape::OAuth2 configuration.
+          def config
+            Grape::OAuth2.config
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/generators/token.rb

@@ -1,62 +1,62 @@
-module Grape
-  module OAuth2
-    module Generators
-      # OAuth2 Token generator class.
-      # Processes the request by required Grant Type and builds the response.
-      class Token < Base
-        # Grant type => OAuth2 strategy class
-        STRATEGY_CLASSES = {
-          password: Grape::OAuth2::Strategies::Password,
-          client_credentials: Grape::OAuth2::Strategies::ClientCredentials,
-          refresh_token: Grape::OAuth2::Strategies::RefreshToken
-        }.freeze
-
-        class << self
-          # Generates Token Response based on the request.
-          #
-          # @return [Grape::OAuth2::Responses::Token] response
-          #
-          def generate_for(env, &_block)
-            token = Rack::OAuth2::Server::Token.new do |request, response|
-              request.unsupported_grant_type! unless allowed_grants.include?(request.grant_type.to_s)
-
-              if block_given?
-                yield request, response
-              else
-                execute_default(request, response)
-              end
-            end
-
-            Grape::OAuth2::Responses::Token.new(token.call(env))
-          end
-
-          protected
-
-          # Runs default Grape::OAuth2 functionality for Token endpoint.
-          # In common it authenticates client (or/and any other objects) and
-          # grants the Access Token or Auth Code.
-          #
-          # @param request [Rack::Request] request object
-          # @param response [Rack::Response] response object
-          #
-          def execute_default(request, response)
-            strategy = find_strategy(request.grant_type) || request.invalid_grant!
-            response.access_token = strategy.process(request)
-          end
-
-          # Returns Grape::OAuth2 strategy class by Grant Type.
-          #
-          # @param grant_type [Symbol]
-          #   grant type value
-          #
-          # @return [Password, ClientCredentials, RefreshToken]
-          #   strategy class
-          #
-          def find_strategy(grant_type)
-            STRATEGY_CLASSES[grant_type]
-          end
-        end
-      end
-    end
-  end
-end
+module Grape
+  module OAuth2
+    module Generators
+      # OAuth2 Token generator class.
+      # Processes the request by required Grant Type and builds the response.
+      class Token < Base
+        # Grant type => OAuth2 strategy class
+        STRATEGY_CLASSES = {
+          password: Grape::OAuth2::Strategies::Password,
+          client_credentials: Grape::OAuth2::Strategies::ClientCredentials,
+          refresh_token: Grape::OAuth2::Strategies::RefreshToken
+        }.freeze
+
+        class << self
+          # Generates Token Response based on the request.
+          #
+          # @return [Grape::OAuth2::Responses::Token] response
+          #
+          def generate_for(env, &_block)
+            token = Rack::OAuth2::Server::Token.new do |request, response|
+              request.unsupported_grant_type! unless allowed_grants.include?(request.grant_type.to_s)
+
+              if block_given?
+                yield request, response
+              else
+                execute_default(request, response)
+              end
+            end
+
+            Grape::OAuth2::Responses::Token.new(token.call(env))
+          end
+
+          protected
+
+          # Runs default Grape::OAuth2 functionality for Token endpoint.
+          # In common it authenticates client (or/and any other objects) and
+          # grants the Access Token or Auth Code.
+          #
+          # @param request [Rack::Request] request object
+          # @param response [Rack::Response] response object
+          #
+          def execute_default(request, response)
+            strategy = find_strategy(request.grant_type) || request.invalid_grant!
+            response.access_token = strategy.process(request)
+          end
+
+          # Returns Grape::OAuth2 strategy class by Grant Type.
+          #
+          # @param grant_type [Symbol]
+          #   grant type value
+          #
+          # @return [Password, ClientCredentials, RefreshToken]
+          #   strategy class
+          #
+          def find_strategy(grant_type)
+            STRATEGY_CLASSES[grant_type]
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/helpers/access_token_helpers.rb

@@ -1,54 +1,52 @@
-module Grape
-  module OAuth2
-    module Helpers
-      # Set of Grape OAuth2 helpers.
-      module AccessTokenHelpers
-        extend ::Grape::API::Helpers
-
-        # Adds OAuth2 Access Token protection for Grape routes.
-        #
-        # @param scopes [Array]
-        #   set of scopes required to access the endpoint
-        #
-        # @raise [Rack::OAuth2::Server::Resource::Bearer::Unauthorized]
-        #   invalid Access Token value
-        # @raise [Rack::OAuth2::Server::Resource::Bearer::Forbidden]
-        #   Access Token expired, revoked or does't have required scopes
-        #
-        def access_token_required!(*scopes)
-          endpoint_scopes = env['api.endpoint'].options[:route_options][:scopes]
-          required_scopes = endpoint_scopes.presence || scopes
-
-          raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized if current_access_token.nil?
-          raise Rack::OAuth2::Server::Resource::Bearer::Forbidden unless valid_access_token?(required_scopes)
-        end
-
-        # Returns Resource Owner from the Access Token
-        # found by access_token value passed with the request.
-        def current_resource_owner
-          @_current_resource_owner ||= current_access_token.resource_owner
-        end
-
-        # Returns Access Token instance found by
-        # access_token value passed with the request.
-        def current_access_token
-          @_current_access_token ||= request.env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN]
-        end
-
-        private
-
-        # Validate current access token not to be expired or revoked
-        # and has all the requested scopes.
-        #
-        # @return [Boolean]
-        #   true if current Access Token not expired, not revoked and scopes match
-        #   false in other cases.
-        #
-        def valid_access_token?(scopes)
-          !current_access_token.revoked? && !current_access_token.expired? &&
-            Grape::OAuth2.config.scopes_validator.new(scopes).valid_for?(current_access_token)
-        end
-      end
-    end
-  end
-end
+module Grape
+  module OAuth2
+    module Helpers
+      # Set of Grape OAuth2 helpers.
+      module AccessTokenHelpers
+        extend ::Grape::API::Helpers
+
+        # Adds OAuth2 Access Token protection for Grape routes.
+        #
+        # @param scopes [Array]
+        #   set of scopes required to access the endpoint
+        #
+        # @raise [Rack::OAuth2::Server::Resource::Bearer::Unauthorized]
+        #   invalid Access Token value
+        # @raise [Rack::OAuth2::Server::Resource::Bearer::Forbidden]
+        #   Access Token expired, revoked or does't have required scopes
+        #
+        def access_token_required!(*scopes)
+          endpoint_scopes = env['api.endpoint'].options[:route_options][:scopes]
+          required_scopes = endpoint_scopes.presence || scopes
+
+          raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized if current_access_token.nil?
+          raise Rack::OAuth2::Server::Resource::Bearer::Forbidden unless valid_access_token?(required_scopes)
+        end
+
+        # Returns Resource Owner from the Access Token
+        # found by access_token value passed with the request.
+        def current_resource_owner
+          @_current_resource_owner ||= current_access_token.resource_owner
+        end
+
+        # Returns Access Token instance found by
+        # access_token value passed with the request.
+        def current_access_token
+          @_current_access_token ||= request.env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN]
+        end
+
+        # Validate current access token not to be expired or revoked
+        # and has all the requested scopes.
+        #
+        # @return [Boolean]
+        #   true if current Access Token not expired, not revoked and scopes match
+        #   false in other cases.
+        #
+        def valid_access_token?(scopes)
+          !current_access_token.revoked? && !current_access_token.expired? &&
+            Grape::OAuth2.config.scopes_validator.new(scopes).valid_for?(current_access_token)
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/helpers/oauth_params.rb

@@ -1,41 +1,41 @@
-module Grape
-  module OAuth2
-    module Helpers
-      # Grape Helper object for OAuth2 requests params.
-      # Used fin default Grape::OAuth2 gem endpoints and can be used
-      # for custom one.
-      module OAuthParams
-        extend ::Grape::API::Helpers
-
-        # Params are optional in order to process them correctly in accordance
-        # with the RFC 6749 (invalid_client, unsupported_grant_type, etc.)
-        params :oauth_token_params do
-          optional :grant_type, type: String, desc: 'Grant type'
-          optional :client_id, type: String, desc: 'Client ID'
-          optional :client_secret, type: String, desc: 'Client secret'
-          optional :refresh_token, type: String, desc: 'Refresh Token'
-        end
-
-        # Params for authorization request.
-        # @see https://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-4.1.1 Authorization Request
-        params :oauth_authorization_params do
-          optional :response_type, type: String, desc: 'Response type'
-          optional :client_id, type: String, desc: 'Client ID'
-          optional :redirect_uri, type: String, desc: 'Redirect URI'
-          optional :scope, type: String, desc: 'Authorization scopes'
-          optional :state, type: String, desc: 'State'
-        end
-
-        # Params for token revocation.
-        # @see https://tools.ietf.org/html/rfc7009#section-2.1 OAuth 2.0 Token Revocation
-        params :oauth_token_revocation_params do
-          requires :token, type: String, desc: 'The token that the client wants to get revoked'
-          optional :token_type_hint, type: String,
-                                     values: %w(access_token refresh_token),
-                                     default: 'access_token',
-                                     desc: 'A hint about the type of the token submitted for revocation'
-        end
-      end
-    end
-  end
-end
+module Grape
+  module OAuth2
+    module Helpers
+      # Grape Helper object for OAuth2 requests params.
+      # Used fin default Grape::OAuth2 gem endpoints and can be used
+      # for custom one.
+      module OAuthParams
+        extend ::Grape::API::Helpers
+
+        # Params are optional in order to process them correctly in accordance
+        # with the RFC 6749 (invalid_client, unsupported_grant_type, etc.)
+        params :oauth_token_params do
+          optional :grant_type, type: String, desc: 'Grant type'
+          optional :client_id, type: String, desc: 'Client ID'
+          optional :client_secret, type: String, desc: 'Client secret'
+          optional :refresh_token, type: String, desc: 'Refresh Token'
+        end
+
+        # Params for authorization request.
+        # @see https://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-4.1.1 Authorization Request
+        params :oauth_authorization_params do
+          optional :response_type, type: String, desc: 'Response type'
+          optional :client_id, type: String, desc: 'Client ID'
+          optional :redirect_uri, type: String, desc: 'Redirect URI'
+          optional :scope, type: String, desc: 'Authorization scopes'
+          optional :state, type: String, desc: 'State'
+        end
+
+        # Params for token revocation.
+        # @see https://tools.ietf.org/html/rfc7009#section-2.1 OAuth 2.0 Token Revocation
+        params :oauth_token_revocation_params do
+          requires :token, type: String, desc: 'The token that the client wants to get revoked'
+          optional :token_type_hint, type: String,
+                                     values: %w[access_token refresh_token],
+                                     default: 'access_token',
+                                     desc: 'A hint about the type of the token submitted for revocation'
+        end
+      end
+    end
+  end
+end