oauth2_provider 0.2.0 → 0.3.0
- data/CHANGELOG +306 -0
- data/HACKING.textile +45 -0
- data/NOTICE.textile +6 -0
- data/README.textile +11 -3
- data/WHAT_IS_OAUTH.textile +165 -0
- data/app/controllers/oauth_authorize_controller.rb +69 -0
- data/app/controllers/oauth_clients_controller.rb +79 -0
- data/app/controllers/oauth_token_controller.rb +59 -0
- data/app/controllers/oauth_user_tokens_controller.rb +61 -0
- data/app/models/oauth2/provider/oauth_authorization.rb +4 -0
- data/app/models/oauth2/provider/oauth_client.rb +14 -3
- data/app/views/{oauth2/provider/layouts → layouts}/oauth_clients.html.erb +0 -0
- data/app/views/oauth_authorize/index.html.erb +17 -0
- data/app/views/oauth_clients/_form.html.erb +27 -0
- data/app/views/oauth_clients/edit.html.erb +7 -0
- data/app/views/oauth_clients/index.html.erb +53 -0
- data/app/views/oauth_clients/new.html.erb +7 -0
- data/app/views/{oauth2/provider/oauth_clients → oauth_clients}/show.html.erb +0 -0
- data/app/views/oauth_user_tokens/index.html.erb +28 -0
- data/config/routes.rb +15 -9
- data/generators/oauth2_provider/USAGE +12 -0
- data/generators/oauth2_provider/templates/config/initializers/oauth2_provider.rb +3 -0
- data/lib/ext/validatable_ext.rb +27 -0
- data/lib/oauth2/provider/a_r_datasource.rb +13 -1
- data/lib/oauth2/provider/application_controller_methods.rb +32 -20
- data/lib/oauth2/provider/configuration.rb +39 -0
- data/lib/oauth2/provider/in_memory_datasource.rb +8 -0
- data/lib/oauth2/provider/model_base.rb +59 -10
- data/lib/oauth2/provider/ssl_helper.rb +42 -0
- data/lib/oauth2/provider/transaction_helper.rb +24 -0
- data/lib/oauth2/provider/url_parser.rb +17 -0
- data/lib/oauth2_provider.rb +3 -6
- data/oauth2_provider.gemspec +15 -6
- metadata +81 -26
- data/app/controllers/oauth2/provider/oauth_authorize_controller.rb +0 -68
- data/app/controllers/oauth2/provider/oauth_clients_controller.rb +0 -56
- data/app/controllers/oauth2/provider/oauth_token_controller.rb +0 -58
- data/app/controllers/oauth2/provider/oauth_user_tokens_controller.rb +0 -29
- data/app/views/oauth2/provider/oauth_authorize/index.html.erb +0 -8
- data/app/views/oauth2/provider/oauth_clients/edit.html.erb +0 -20
- data/app/views/oauth2/provider/oauth_clients/index.html.erb +0 -28
- data/app/views/oauth2/provider/oauth_clients/new.html.erb +0 -21
- data/app/views/oauth2/provider/oauth_user_tokens/index.html.erb +0 -14
- data/tasks/gem.rake +0 -88
@@ -0,0 +1,17 @@
|
|
1
|
+
# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
|
2
|
+
# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
|
3
|
+
|
4
|
+
if RUBY_PLATFORM =~ /java/
|
5
|
+
module URIParser
|
6
|
+
module_function
|
7
|
+
def self.parse(url)
|
8
|
+
java.net.URL.new(url)
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
class java::net::URL
|
13
|
+
alias :scheme :protocol
|
14
|
+
end
|
15
|
+
else
|
16
|
+
URIParser = URI
|
17
|
+
end
|
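Review bot: `URIParser.parse` does not behave the same on the two platforms, and nothing in the file says so. On JRuby it returns a `java.net.URL`, which rejects any scheme without a registered protocol handler and raises a Java `MalformedURLException`, while on MRI `URIParser = URI` accepts arbitrary schemes and raises `URI::InvalidURIError`; if this parser backs redirect URI or scheme checks (the callers are not on this page), the same input can pass on one runtime and fail on the other. A comment above the `if` saying why `java.net.URL` is used and which exception callers must handle would help, and `java.net.URI.new(url)` already exposes `scheme`, which would avoid reopening a JDK class globally just for `alias :scheme :protocol`. Separately, `module_function` is redundant next to `def self.parse`, and the `else` branch relies on `uri` having been required elsewhere.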
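--- a/data/lib/oauth2_provider.rb
+++ b/data/lib/oauth2_provider.rb
@@ -5,15 +5,12 @@ require 'oauth2/provider/a_r_datasource'
 require 'oauth2/provider/in_memory_datasource'
 require 'oauth2/provider/model_base'
 require 'oauth2/provider/clock'
+require 'oauth2/provider/url_parser'
+require 'oauth2/provider/configuration'
+require 'ext/validatable_ext'
 
 Oauth2::Provider::ModelBase.datasource = ENV["OAUTH2_PROVIDER_DATASOURCE"]
 
-unless ENV['LOAD_OAUTH_SILENTLY']
-puts "*"*80
-puts "*** Using data source: #{Oauth2::Provider::ModelBase.datasource.class}"
-puts "*"*80
-end
-
 Dir[File.join(File.dirname(__FILE__), "..", "app", "**", '*.rb')].each do |rb_file|
 require File.expand_path(rb_file)
 end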
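Review bot: `require 'ext/validatable_ext'` is resolved through `$LOAD_PATH` under a generic `ext/` prefix, so which file gets loaded depends on load-path order rather than on this gem. Anchoring it to this file, as the `Dir[...]` loop at the end of the hunk already does for `app/`, removes that ambiguity: `require File.join(File.dirname(__FILE__), 'ext', 'validatable_ext')`. The hunk also drops the only output that named the active datasource, which is still selected from `ENV["OAUTH2_PROVIDER_DATASOURCE"]`; a one-line comment on that assignment stating what is used when the variable is unset would keep the behaviour discoverable.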
data/oauth2_provider.gemspec
CHANGED
@@ -2,27 +2,36 @@
|
|
2
2
|
|
3
3
|
Gem::Specification.new do |s|
|
4
4
|
s.name = %q{oauth2_provider}
|
5
|
-
s.version = "0.
|
5
|
+
s.version = "0.3.0"
|
6
6
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
8
8
|
s.authors = ["ThoughtWorks, Inc."]
|
9
|
-
s.date = %q{
|
9
|
+
s.date = %q{2011-03-16}
|
10
10
|
s.description = %q{A Rails plugin to OAuth v2.0 enable your rails application. This plugin implements v09 of the OAuth2 draft spec http://tools.ietf.org/html/draft-ietf-oauth-v2-09.}
|
11
11
|
s.email = %q{ketan@thoughtworks.com}
|
12
|
-
s.extra_rdoc_files = ["README.textile", "MIT-LICENSE.txt"]
|
13
|
-
s.files = ["app/controllers/
|
12
|
+
s.extra_rdoc_files = ["README.textile", "MIT-LICENSE.txt", "NOTICE.textile"]
|
13
|
+
s.files = ["app", "CHANGELOG", "config", "generators", "HACKING.textile", "init.rb", "lib", "MIT-LICENSE.txt", "NOTICE.textile", "oauth2_provider.gemspec", "README.textile", "WHAT_IS_OAUTH.textile", "app/controllers", "app/models", "app/views", "app/controllers/oauth_authorize_controller.rb", "app/controllers/oauth_clients_controller.rb", "app/controllers/oauth_token_controller.rb", "app/controllers/oauth_user_tokens_controller.rb", "app/models/oauth2", "app/models/oauth2/provider", "app/models/oauth2/provider/oauth_authorization.rb", "app/models/oauth2/provider/oauth_client.rb", "app/models/oauth2/provider/oauth_token.rb", "app/views/layouts", "app/views/oauth_authorize", "app/views/oauth_clients", "app/views/oauth_user_tokens", "app/views/layouts/oauth_clients.html.erb", "app/views/oauth_authorize/index.html.erb", "app/views/oauth_clients/_form.html.erb", "app/views/oauth_clients/edit.html.erb", "app/views/oauth_clients/index.html.erb", "app/views/oauth_clients/new.html.erb", "app/views/oauth_clients/show.html.erb", "app/views/oauth_user_tokens/index.html.erb", "config/routes.rb", "generators/oauth2_provider", "generators/oauth2_provider/oauth2_provider_generator.rb", "generators/oauth2_provider/templates", "generators/oauth2_provider/USAGE", "generators/oauth2_provider/templates/config", "generators/oauth2_provider/templates/db", "generators/oauth2_provider/templates/config/initializers", "generators/oauth2_provider/templates/config/initializers/oauth2_provider.rb", "generators/oauth2_provider/templates/db/migrate", "generators/oauth2_provider/templates/db/migrate/create_oauth_authorizations.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_clients.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_tokens.rb", "lib/ext", "lib/oauth2", "lib/oauth2_provider.rb", "lib/ext/validatable_ext.rb", "lib/oauth2/provider", "lib/oauth2/provider/a_r_datasource.rb", "lib/oauth2/provider/application_controller_methods.rb", 
"lib/oauth2/provider/clock.rb", "lib/oauth2/provider/configuration.rb", "lib/oauth2/provider/in_memory_datasource.rb", "lib/oauth2/provider/model_base.rb", "lib/oauth2/provider/ssl_helper.rb", "lib/oauth2/provider/transaction_helper.rb", "lib/oauth2/provider/url_parser.rb"]
|
14
14
|
s.homepage = %q{http://github.com/ThoughtWorksStudios/oauth2_provider}
|
15
15
|
s.require_paths = ["lib"]
|
16
|
-
s.rubygems_version = %q{1.3.
|
16
|
+
s.rubygems_version = %q{1.3.6}
|
17
17
|
s.summary = %q{A Rails plugin to OAuth v2.0 enable your rails application}
|
18
18
|
|
19
19
|
if s.respond_to? :specification_version then
|
20
20
|
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
21
21
|
s.specification_version = 3
|
22
22
|
|
23
|
-
if Gem::Version.new(Gem::
|
23
|
+
if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
|
24
|
+
s.add_runtime_dependency(%q<validatable>, ["= 1.6.7"])
|
25
|
+
s.add_development_dependency(%q<saikuro_treemap>, [">= 0"])
|
26
|
+
s.add_development_dependency(%q<rcov>, ["= 0.9.8"])
|
24
27
|
else
|
28
|
+
s.add_dependency(%q<validatable>, ["= 1.6.7"])
|
29
|
+
s.add_dependency(%q<saikuro_treemap>, [">= 0"])
|
30
|
+
s.add_dependency(%q<rcov>, ["= 0.9.8"])
|
25
31
|
end
|
26
32
|
else
|
33
|
+
s.add_dependency(%q<validatable>, ["= 1.6.7"])
|
34
|
+
s.add_dependency(%q<saikuro_treemap>, [">= 0"])
|
35
|
+
s.add_dependency(%q<rcov>, ["= 0.9.8"])
|
27
36
|
end
|
28
37
|
end
|
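Review bot: `validatable` is pinned to exactly `= 1.6.7` in all three branches, so applications using this gem cannot pick up a later validatable release without a new oauth2_provider release. If the pin exists because `lib/ext/validatable_ext.rb` patches validatable internals (that file is not shown on this page), say so in a comment next to the dependency, or relax it to `~> 1.6.7` if patch releases are safe. In the two fallback branches `saikuro_treemap` and `rcov` are declared with `add_dependency`, which turns these development tools into install-time dependencies on older RubyGems, and `saikuro_treemap` is unconstrained at `>= 0`.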
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: oauth2_provider
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
5
|
-
prerelease:
|
4
|
+
hash: 19
|
5
|
+
prerelease:
|
6
6
|
segments:
|
7
7
|
- 0
|
8
|
-
-
|
8
|
+
- 3
|
9
9
|
- 0
|
10
|
-
version: 0.
|
10
|
+
version: 0.3.0
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- ThoughtWorks, Inc.
|
@@ -15,10 +15,55 @@ autorequire:
|
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
17
|
|
18
|
-
date:
|
18
|
+
date: 2011-03-16 00:00:00 -07:00
|
19
19
|
default_executable:
|
20
|
-
dependencies:
|
21
|
-
|
20
|
+
dependencies:
|
21
|
+
- !ruby/object:Gem::Dependency
|
22
|
+
name: validatable
|
23
|
+
prerelease: false
|
24
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
26
|
+
requirements:
|
27
|
+
- - "="
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
hash: 1
|
30
|
+
segments:
|
31
|
+
- 1
|
32
|
+
- 6
|
33
|
+
- 7
|
34
|
+
version: 1.6.7
|
35
|
+
type: :runtime
|
36
|
+
version_requirements: *id001
|
37
|
+
- !ruby/object:Gem::Dependency
|
38
|
+
name: saikuro_treemap
|
39
|
+
prerelease: false
|
40
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
41
|
+
none: false
|
42
|
+
requirements:
|
43
|
+
- - ">="
|
44
|
+
- !ruby/object:Gem::Version
|
45
|
+
hash: 3
|
46
|
+
segments:
|
47
|
+
- 0
|
48
|
+
version: "0"
|
49
|
+
type: :development
|
50
|
+
version_requirements: *id002
|
51
|
+
- !ruby/object:Gem::Dependency
|
52
|
+
name: rcov
|
53
|
+
prerelease: false
|
54
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
55
|
+
none: false
|
56
|
+
requirements:
|
57
|
+
- - "="
|
58
|
+
- !ruby/object:Gem::Version
|
59
|
+
hash: 43
|
60
|
+
segments:
|
61
|
+
- 0
|
62
|
+
- 9
|
63
|
+
- 8
|
64
|
+
version: 0.9.8
|
65
|
+
type: :development
|
66
|
+
version_requirements: *id003
|
22
67
|
description: A Rails plugin to OAuth v2.0 enable your rails application. This plugin implements v09 of the OAuth2 draft spec http://tools.ietf.org/html/draft-ietf-oauth-v2-09.
|
23
68
|
email: ketan@thoughtworks.com
|
24
69
|
executables: []
|
@@ -28,39 +73,49 @@ extensions: []
|
|
28
73
|
extra_rdoc_files:
|
29
74
|
- README.textile
|
30
75
|
- MIT-LICENSE.txt
|
76
|
+
- NOTICE.textile
|
31
77
|
files:
|
32
|
-
-
|
33
|
-
-
|
34
|
-
-
|
35
|
-
-
|
78
|
+
- CHANGELOG
|
79
|
+
- HACKING.textile
|
80
|
+
- init.rb
|
81
|
+
- MIT-LICENSE.txt
|
82
|
+
- NOTICE.textile
|
83
|
+
- oauth2_provider.gemspec
|
84
|
+
- README.textile
|
85
|
+
- WHAT_IS_OAUTH.textile
|
86
|
+
- app/controllers/oauth_authorize_controller.rb
|
87
|
+
- app/controllers/oauth_clients_controller.rb
|
88
|
+
- app/controllers/oauth_token_controller.rb
|
89
|
+
- app/controllers/oauth_user_tokens_controller.rb
|
36
90
|
- app/models/oauth2/provider/oauth_authorization.rb
|
37
91
|
- app/models/oauth2/provider/oauth_client.rb
|
38
92
|
- app/models/oauth2/provider/oauth_token.rb
|
39
|
-
- app/views/
|
40
|
-
- app/views/
|
41
|
-
- app/views/
|
42
|
-
- app/views/
|
43
|
-
- app/views/
|
44
|
-
- app/views/
|
45
|
-
- app/views/
|
93
|
+
- app/views/layouts/oauth_clients.html.erb
|
94
|
+
- app/views/oauth_authorize/index.html.erb
|
95
|
+
- app/views/oauth_clients/_form.html.erb
|
96
|
+
- app/views/oauth_clients/edit.html.erb
|
97
|
+
- app/views/oauth_clients/index.html.erb
|
98
|
+
- app/views/oauth_clients/new.html.erb
|
99
|
+
- app/views/oauth_clients/show.html.erb
|
100
|
+
- app/views/oauth_user_tokens/index.html.erb
|
46
101
|
- config/routes.rb
|
47
102
|
- generators/oauth2_provider/oauth2_provider_generator.rb
|
103
|
+
- generators/oauth2_provider/USAGE
|
48
104
|
- generators/oauth2_provider/templates/config/initializers/oauth2_provider.rb
|
49
105
|
- generators/oauth2_provider/templates/db/migrate/create_oauth_authorizations.rb
|
50
106
|
- generators/oauth2_provider/templates/db/migrate/create_oauth_clients.rb
|
51
107
|
- generators/oauth2_provider/templates/db/migrate/create_oauth_tokens.rb
|
52
|
-
-
|
108
|
+
- lib/oauth2_provider.rb
|
109
|
+
- lib/ext/validatable_ext.rb
|
53
110
|
- lib/oauth2/provider/a_r_datasource.rb
|
54
111
|
- lib/oauth2/provider/application_controller_methods.rb
|
55
112
|
- lib/oauth2/provider/clock.rb
|
113
|
+
- lib/oauth2/provider/configuration.rb
|
56
114
|
- lib/oauth2/provider/in_memory_datasource.rb
|
57
115
|
- lib/oauth2/provider/model_base.rb
|
58
|
-
- lib/
|
59
|
-
-
|
60
|
-
-
|
61
|
-
- README.textile
|
62
|
-
- tasks/gem.rake
|
63
|
-
- CHANGELOG
|
116
|
+
- lib/oauth2/provider/ssl_helper.rb
|
117
|
+
- lib/oauth2/provider/transaction_helper.rb
|
118
|
+
- lib/oauth2/provider/url_parser.rb
|
64
119
|
has_rdoc: true
|
65
120
|
homepage: http://github.com/ThoughtWorksStudios/oauth2_provider
|
66
121
|
licenses: []
|
@@ -91,7 +146,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
91
146
|
requirements: []
|
92
147
|
|
93
148
|
rubyforge_project:
|
94
|
-
rubygems_version: 1.
|
149
|
+
rubygems_version: 1.4.2
|
95
150
|
signing_key:
|
96
151
|
specification_version: 3
|
97
152
|
summary: A Rails plugin to OAuth v2.0 enable your rails application
|
@@ -1,68 +0,0 @@
|
|
1
|
-
# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
|
2
|
-
# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
|
3
|
-
|
4
|
-
module Oauth2
|
5
|
-
module Provider
|
6
|
-
class OauthAuthorizeController < ::ApplicationController
|
7
|
-
|
8
|
-
def index
|
9
|
-
return unless validate_params
|
10
|
-
end
|
11
|
-
|
12
|
-
def authorize
|
13
|
-
return unless validate_params
|
14
|
-
|
15
|
-
unless params[:authorize] == '1'
|
16
|
-
redirect_to "#{params[:redirect_uri]}?error=access-denied"
|
17
|
-
return
|
18
|
-
end
|
19
|
-
|
20
|
-
authorization = @client.create_authorization_for_user_id(current_user_id_for_oauth)
|
21
|
-
state_param = if params[:state].blank?
|
22
|
-
""
|
23
|
-
else
|
24
|
-
"&state=#{CGI.escape(params[:state])}"
|
25
|
-
end
|
26
|
-
|
27
|
-
redirect_to "#{params[:redirect_uri]}?code=#{authorization.code}&expires_in=#{authorization.expires_in}#{state_param}"
|
28
|
-
end
|
29
|
-
|
30
|
-
private
|
31
|
-
|
32
|
-
# TODO: support 'code', 'token', 'code-and-token'
|
33
|
-
VALID_RESPONSE_TYPES = ['code']
|
34
|
-
|
35
|
-
def validate_params
|
36
|
-
if params[:client_id].blank? || params[:response_type].blank?
|
37
|
-
redirect_to "#{params[:redirect_uri]}?error=invalid-request"
|
38
|
-
return false
|
39
|
-
end
|
40
|
-
|
41
|
-
unless VALID_RESPONSE_TYPES.include?(params[:response_type])
|
42
|
-
redirect_to "#{params[:redirect_uri]}?error=unsupported-response-type"
|
43
|
-
return
|
44
|
-
end
|
45
|
-
|
46
|
-
if params[:redirect_uri].blank?
|
47
|
-
render :text => "You did not specify the 'redirect_uri' parameter!", :status => :bad_request
|
48
|
-
return false
|
49
|
-
end
|
50
|
-
|
51
|
-
@client = OauthClient.find_one(:client_id, params[:client_id])
|
52
|
-
|
53
|
-
if @client.nil?
|
54
|
-
redirect_to "#{params[:redirect_uri]}?error=invalid-client-id"
|
55
|
-
return false
|
56
|
-
end
|
57
|
-
|
58
|
-
if @client.redirect_uri != params[:redirect_uri]
|
59
|
-
redirect_to "#{params[:redirect_uri]}?error=redirect-uri-mismatch"
|
60
|
-
return false
|
61
|
-
end
|
62
|
-
|
63
|
-
true
|
64
|
-
end
|
65
|
-
|
66
|
-
end
|
67
|
-
end
|
68
|
-
end
|
@@ -1,56 +0,0 @@
|
|
1
|
-
# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
|
2
|
-
# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
|
3
|
-
|
4
|
-
module Oauth2
|
5
|
-
module Provider
|
6
|
-
class OauthClientsController < ApplicationController
|
7
|
-
|
8
|
-
def index
|
9
|
-
@oauth_clients = OauthClient.all
|
10
|
-
end
|
11
|
-
|
12
|
-
def show
|
13
|
-
@oauth_client = OauthClient.find(params[:id])
|
14
|
-
end
|
15
|
-
|
16
|
-
def new
|
17
|
-
@oauth_client = OauthClient.new
|
18
|
-
end
|
19
|
-
|
20
|
-
def edit
|
21
|
-
@oauth_client = OauthClient.find(params[:id])
|
22
|
-
end
|
23
|
-
|
24
|
-
def create
|
25
|
-
@oauth_client = OauthClient.new(params[:oauth_client])
|
26
|
-
|
27
|
-
if @oauth_client.save
|
28
|
-
flash[:notice] = 'OauthClient was successfully created.'
|
29
|
-
redirect_to :action => 'index'
|
30
|
-
return
|
31
|
-
else
|
32
|
-
render :action => "new"
|
33
|
-
end
|
34
|
-
end
|
35
|
-
|
36
|
-
def update
|
37
|
-
@oauth_client = OauthClient.find(params[:id])
|
38
|
-
|
39
|
-
if @oauth_client.update_attributes(params[:oauth_client])
|
40
|
-
flash[:notice] = 'OauthClient was successfully updated.'
|
41
|
-
redirect_to :action => 'index'
|
42
|
-
return
|
43
|
-
else
|
44
|
-
render :action => "edit"
|
45
|
-
end
|
46
|
-
end
|
47
|
-
|
48
|
-
def destroy
|
49
|
-
@oauth_client = OauthClient.find(params[:id])
|
50
|
-
@oauth_client.destroy
|
51
|
-
|
52
|
-
redirect_to(oauth_clients_url)
|
53
|
-
end
|
54
|
-
end
|
55
|
-
end
|
56
|
-
end
|
@@ -1,58 +0,0 @@
|
|
1
|
-
# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
|
2
|
-
# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
|
3
|
-
|
4
|
-
module Oauth2
|
5
|
-
module Provider
|
6
|
-
class OauthTokenController < ApplicationController
|
7
|
-
skip_before_filter :verify_authenticity_token
|
8
|
-
|
9
|
-
def get_token
|
10
|
-
|
11
|
-
authorization = OauthAuthorization.find_one(:code, params[:code])
|
12
|
-
authorization.destroy unless authorization.nil?
|
13
|
-
|
14
|
-
original_token = OauthToken.find_one(:refresh_token, params[:refresh_token])
|
15
|
-
original_token.destroy unless original_token.nil?
|
16
|
-
|
17
|
-
unless ['authorization-code', 'refresh-token'].include?(params[:grant_type])
|
18
|
-
render_error('unsupported-grant-type', "Grant type #{params[:grant_type]} is not supported!")
|
19
|
-
return
|
20
|
-
end
|
21
|
-
|
22
|
-
client = OauthClient.find_one(:client_id, params[:client_id])
|
23
|
-
|
24
|
-
if client.nil? || client.client_secret != params[:client_secret]
|
25
|
-
render_error('invalid-client-credentials', 'Invalid client credentials!')
|
26
|
-
return
|
27
|
-
end
|
28
|
-
|
29
|
-
if client.redirect_uri != params[:redirect_uri]
|
30
|
-
render_error('invalid-grant', 'Redirect uri mismatch!')
|
31
|
-
return
|
32
|
-
end
|
33
|
-
|
34
|
-
if params[:grant_type] == 'authorization-code'
|
35
|
-
if authorization.nil? || authorization.expired? || authorization.oauth_client.id != client.id
|
36
|
-
render_error('invalid-grant', "Authorization expired or invalid!")
|
37
|
-
return
|
38
|
-
end
|
39
|
-
token = authorization.generate_access_token
|
40
|
-
else # refresh-token
|
41
|
-
if original_token.nil? || original_token.oauth_client.id != client.id
|
42
|
-
render_error('invalid-grant', 'Refresh token is invalid!')
|
43
|
-
return
|
44
|
-
end
|
45
|
-
token = original_token.refresh
|
46
|
-
end
|
47
|
-
|
48
|
-
render :content_type => 'application/json', :text => token.access_token_attributes.to_json
|
49
|
-
end
|
50
|
-
|
51
|
-
private
|
52
|
-
def render_error(error_code, description)
|
53
|
-
render :status => :bad_request, :json => {:error => error_code, :error_description => description}.to_json
|
54
|
-
end
|
55
|
-
|
56
|
-
end
|
57
|
-
end
|
58
|
-
end
|
@@ -1,29 +0,0 @@
|
|
1
|
-
# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
|
2
|
-
# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
|
3
|
-
|
4
|
-
module Oauth2
|
5
|
-
module Provider
|
6
|
-
class OauthUserTokensController < ApplicationController
|
7
|
-
|
8
|
-
def index
|
9
|
-
@tokens = OauthToken.find_all_with(:user_id, current_user_id_for_oauth)
|
10
|
-
end
|
11
|
-
|
12
|
-
def revoke
|
13
|
-
token = OauthToken.find_by_id(params[:token_id])
|
14
|
-
if token.nil?
|
15
|
-
render :text => "User not authorized to perform this action!", :status => :bad_request
|
16
|
-
return
|
17
|
-
end
|
18
|
-
if token.user_id.to_s != current_user_id_for_oauth
|
19
|
-
render :text => "User not authorized to perform this action!", :status => :bad_request
|
20
|
-
return
|
21
|
-
end
|
22
|
-
|
23
|
-
token.destroy
|
24
|
-
redirect_to :action => :index
|
25
|
-
end
|
26
|
-
|
27
|
-
end
|
28
|
-
end
|
29
|
-
end
|