vidibus-oauth2_server 0.0.0 → 0.0.1

data/Gemfile

@@ -6,9 +6,11 @@ gem "vidibus-core_extensions"
 gem "vidibus-uuid"
 
 # Development dependecies
-gem "jeweler"
-gem "rake"
-gem "rspec", "~> 2.0.0.beta.20"
-gem "rr"
-gem "relevance-rcov"
-gem "webmock"
+group :development do
+  gem "jeweler"
+  gem "rake"
+  gem "rspec", "~> 2.0.0.beta.20"
+  gem "rr"
+  gem "relevance-rcov"
+  gem "webmock"
+end

data/README.rdoc

@@ -16,26 +16,90 @@ Add the dependency to the Gemfile of your application:
 Then call bundle install on your console.
 
 
-=== Extension of your ApplicationController
+=== Routes
 
-In ApplicationController of your OAuth server application you have to define two methods in order to perform OAuth authentication. The first method performs a sign in of the current user, the other method returns a client object with given id.
+Two routes will be added to your application. If you use a catch-all route, you will have to define these routes manually:
 
-Example from Vidibus' Connector service:
+  get "oauth/authorize" => "oauth2#authorize"
+  post "oauth/access_token" => "oauth2#access_token"
+
+
+=== ApplicationController
+
+In ApplicationController of your OAuth server application you have to define two methods in order to perform OAuth authentication.
+
+The first method performs a sign in of the current user. If you use Devise for authentication, this method already exists and works. This is an example that works with Authlogic:
+
+  # Calls authentication method.
+  def authenticate_user!
+    logged_in? or login_required
+  end
+
+The second method returns a client object with given id. This is an example for usage with vidibus-service gem:
 
   # Returns Service with given id.
-  # This method is called from Vidibus' Oauth2Server gem.
-  def oauth2_client(id)
-    Service.where(:uuid => id).first
+  # This method is called from Vidibus' OauthServer gem.
+  # The given client_id comprises the requesting service's
+  # uuid and realm, concatenated by -
+  def oauth2_client(client_id)
+    Service(*client_id.split("-"))
+  end
+
+
+=== User model
+
+Your user model has to provide an unique UUID. If you use Mongoid, add the following:
+
+  field :uuid
+
+If you have an ActiveRecord model, add a migration like this:
+
+  require "uuid"
+  class AddUuidToUsers < ActiveRecord::Migration
+    def self.up
+      add_column :users, :uuid, :string, :null => false
+      add_index :users, :uuid
+      User.all.each do |user|
+        uuid = UUID.new.generate(:compact)
+        user.update_attribute(:uuid, uuid)
+      end
+    end
+
+    def self.down
+      remove_column :users, :uuid
+    end
+  end
+
+
+=== User controller
+
+This gem will an action to obtain data of the currently logged in user. The following route will be added:
+
+  get "/oauth/user" => "oauth2/users#show"
+
+You may overwrite the Oauth2::UsersController class to adjust it to your needs. However, if you want to use the default controller, you'll need a method on your ApplicationController to obtain a user by a given UUID.
+
+For a typical ActiveRecord model this would be:
+
+  # Returns user matching given uuid
+  def find_user_by_uuid(uuid)
+    User.first(:conditions => {:uuid => uuid})
+  end
+
+The default #show method delivers a JSON string including name, email and UUID of the current user:
+
+  def show
+    render :json => @user.attributes.only(*%w[name email uuid])
   end
 
 
-=== Extension of your client model
+=== Client model
 
-Provide an #domain method to your OAuth client model that returns the domain name of the client. This method is used to validate the redirect_url.
+Provide a #domain method to your OAuth client model that returns the domain name of the client. This method is used to validate the redirect_url.
 
 Before issuing a token, the Oauth2Controller will ensure that the given client_secret is valid. In order to perform this validation, a method #valid_oauth2_secret? must be given on your client model.
 
-Example from Vidibus' Connector service:
+If you use the vidibus-service gem, you'll get this method on the service model:
 
   # Returns true if given client_secret matches signature.
   def valid_oauth2_secret?(client_secret)

data/Rakefile

@@ -10,10 +10,6 @@ begin
     gem.email = "andre@vidibus.com"
     gem.homepage = "http://github.com/vidibus/vidibus-oauth2_server"
     gem.authors = ["Andre Pankratz"]
-    gem.add_dependency "rails", "~> 3.0.0"
-    gem.add_dependency "mongoid", "~> 2.0.0.beta.20"
-    gem.add_dependency "vidibus-core_extensions"
-    gem.add_dependency "vidibus-uuid"
     # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
   end
   Jeweler::GemcutterTasks.new

data/VERSION

@@ -1 +1 @@
-0.0.0
+0.0.1

data/app/controllers/oauth2/authentication_controller.rb

@@ -0,0 +1,102 @@
+module Oauth2
+  class AuthenticationController < ApplicationController
+    skip_before_filter :verify_authenticity_token
+
+    around_filter :oauth2_error_handler
+
+    before_filter :validate_oauth2_type!
+    before_filter :validate_oauth2_client_id!
+    before_filter :validate_oauth2_redirect_url!
+
+    before_filter :authenticate_user!, :only => :authorize
+    before_filter :validate_oauth2_client_secret!, :only => :access_token
+
+    def authorize
+      args = params.slice(:client_id, :redirect_url)
+      args[:user_id] = current_user.uuid
+      token = Oauth2Token.create!(args)
+      uri_params = { :code => token.code }
+      uri_params[:state] = params[:state] if params.has_key?(:state)
+      uri = build_uri(params[:redirect_url], uri_params)
+      redirect_to(uri)
+    end
+
+    def access_token
+      token = Oauth2Token.find!(params)
+      render :text => { :access_token => token.token }.to_uri, :type => :url_encoded_form, :status => :ok
+    end
+
+    protected
+
+    # Ensures that the type of flow is supported
+    def validate_oauth2_type!
+      type = params[:type]
+      raise Vidibus::Oauth2Server::MissingTypeError if type.blank?
+      raise Vidibus::Oauth2Server::UnsupportedTypeError unless Vidibus::Oauth2Server::FLOWS.include?(type)
+    end
+
+    # Ensures that given client id is valid
+    def validate_oauth2_client_id!
+      raise Vidibus::Oauth2Server::MissingClientIdError if params[:client_id].blank?
+      @oauth2_client = oauth2_client(params[:client_id])
+      raise Vidibus::Oauth2Server::InvalidClientIdError unless @oauth2_client
+    end
+
+    # Ensures that redirect_url is valid for given client.
+    def validate_oauth2_redirect_url!
+      redirect_url = params[:redirect_url]
+      raise Vidibus::Oauth2Server::MissingRedirectUrlError if redirect_url.blank?
+      raise Vidibus::Oauth2Server::MalformedRedirectUrlError unless valid_uri?(redirect_url)
+      unless redirect_url.match(/^https?:\/\/([a-z0-9]+\.)?#{@oauth2_client.domain}/) # allow subdomains but ensure host of client application
+        raise Vidibus::Oauth2Server::InvalidRedirectUrlError
+      end
+    end
+
+    # Ensures that given client_secret is valid for given client.
+    def validate_oauth2_client_secret!
+      raise Vidibus::Oauth2Server::InvalidClientSecretError unless @oauth2_client.valid_oauth2_secret?(params[:client_secret])
+    end
+
+    # Returns error message for given exception.
+    def oauth2_error_handler
+      begin
+        yield
+      rescue Vidibus::Oauth2Server::MissingTypeError
+        error = "missing_type"
+      rescue Vidibus::Oauth2Server::UnsupportedTypeError
+        error = "unsupported_type"
+      rescue Vidibus::Oauth2Server::MissingClientIdError
+        error = "missing_client_id"
+      rescue Vidibus::Oauth2Server::InvalidClientIdError
+        error = "invalid_client_id"
+      rescue Vidibus::Oauth2Server::InvalidClientSecretError
+        error = "invalid_client_secret"
+      rescue Vidibus::Oauth2Server::MissingRedirectUrlError
+        error = "missing_redirect_url"
+      rescue Vidibus::Oauth2Server::MalformedRedirectUrlError
+        error = "malformed_redirect_url"
+      rescue Vidibus::Oauth2Server::InvalidRedirectUrlError
+        error = "invalid_redirect_url"
+      rescue Vidibus::Oauth2Server::MissingCodeError
+        error = "missing_code"
+      rescue Vidibus::Oauth2Server::InvalidCodeError
+        error = "invalid_code"
+      rescue Vidibus::Oauth2Server::ExpiredCodeError
+        error = "expired_code"
+      rescue Vidibus::Oauth2Server::InvalidTokenError
+        error = "invalid_token"
+      rescue Vidibus::Oauth2Server::ExpiredTokenError
+        error = "expired_token"
+      ensure
+        if error
+          status ||= :bad_request
+          render :text => I18n.t("oauth2_server.errors.#{error}"), :status => status
+        end
+      end
+
+      # Autorization error?
+      # :status => :unauthorized # The response MUST include a WWW-Authenticate header field (section 14.47) containing a challenge applicable to the requested resource.
+      # :status => :forbidden # Maybe better?
+    end
+  end
+end

data/app/controllers/oauth2/users_controller.rb

@@ -0,0 +1,20 @@
+module Oauth2
+  class UsersController < ApplicationController
+    before_filter :ensure_token!
+    before_filter :find_user
+
+    def show
+      render :json => @user.attributes.only(*%w[name email uuid])
+    end
+
+    protected
+
+    def find_user
+      @user = find_user_by_uuid(@access_token.user_id) or render(:nothing => true, :status => :bad_request)
+    end
+
+    def ensure_token!
+      @access_token = Oauth2Token.find!(:token => params[:access_token])
+    end
+  end
+end

data/config/routes.rb

@@ -1,4 +1,5 @@
 Rails.application.routes.draw do
-  match "oauth/authorize" => "oauth2#authorize", :via => :get
-  match "oauth/access_token" => "oauth2#access_token", :via => :post
+  get "/oauth/authorize" => "oauth2/authentication#authorize"
+  post "/oauth/access_token" => "oauth2/authentication#access_token"
+  get "/oauth/user" => "oauth2/users#show"
 end

data/lib/vidibus/oauth2_server/extensions/controller.rb

@@ -7,12 +7,17 @@ module Vidibus
 
         # Authenticates user.
         def authenticate_user!
-          raise "Add a method authenticate_user! to your ApplicationController that authenticates the user that calls the OAuth actions."
+          raise "Add a method #authenticate_user! to your ApplicationController that authenticates the user."
+        end
+
+        # Returns user with matching uuid.
+        def find_user_by_uuid(uuid)
+          raise "Add a method #find_user_by_uuid to your ApplicationController to return a user with matching uuid."
         end
 
         # Returns Oauth2 client application matching given id.
         def oauth2_client(id)
-          raise "Add a method oauth2_client to your ApplicationController that returns the OAuth client application for given id."
+          raise "Add a method #oauth2_client to your ApplicationController that returns the OAuth client application for given id."
         end
       end
     end

data/vidibus-oauth2_server.gemspec

@@ -1,42 +1,41 @@
 # Generated by jeweler
 # DO NOT EDIT THIS FILE DIRECTLY
-# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
 
 Gem::Specification.new do |s|
   s.name = %q{vidibus-oauth2_server}
-  s.version = "0.0.0"
+  s.version = "0.0.1"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Andre Pankratz"]
-  s.date = %q{2010-10-02}
+  s.date = %q{2011-01-14}
   s.description = %q{OAuth2 server for Rails 3 with Mongoid.}
   s.email = %q{andre@vidibus.com}
   s.extra_rdoc_files = [
     "LICENSE",
-     "README.rdoc"
+    "README.rdoc"
   ]
   s.files = [
     ".document",
-     ".gitignore",
-     "Gemfile",
-     "Gemfile.lock",
-     "LICENSE",
-     "README.rdoc",
-     "Rakefile",
-     "VERSION",
-     "app/controllers/oauth2_controller.rb",
-     "app/models/oauth2_token.rb",
-     "config/locales/en.yml",
-     "config/routes.rb",
-     "lib/vidibus-oauth2_server.rb",
-     "lib/vidibus/oauth2_server.rb",
-     "lib/vidibus/oauth2_server/extensions.rb",
-     "lib/vidibus/oauth2_server/extensions/controller.rb",
-     "vidibus-oauth2_server.gemspec"
+    "Gemfile",
+    "Gemfile.lock",
+    "LICENSE",
+    "README.rdoc",
+    "Rakefile",
+    "VERSION",
+    "app/controllers/oauth2/authentication_controller.rb",
+    "app/controllers/oauth2/users_controller.rb",
+    "app/models/oauth2_token.rb",
+    "config/locales/en.yml",
+    "config/routes.rb",
+    "lib/vidibus-oauth2_server.rb",
+    "lib/vidibus/oauth2_server.rb",
+    "lib/vidibus/oauth2_server/extensions.rb",
+    "lib/vidibus/oauth2_server/extensions/controller.rb",
+    "vidibus-oauth2_server.gemspec"
   ]
   s.homepage = %q{http://github.com/vidibus/vidibus-oauth2_server}
-  s.rdoc_options = ["--charset=UTF-8"]
   s.require_paths = ["lib"]
   s.rubygems_version = %q{1.3.7}
   s.summary = %q{OAuth2 server for Rails 3 with Mongoid.}
@@ -50,17 +49,35 @@ Gem::Specification.new do |s|
       s.add_runtime_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
       s.add_runtime_dependency(%q<vidibus-core_extensions>, [">= 0"])
       s.add_runtime_dependency(%q<vidibus-uuid>, [">= 0"])
+      s.add_development_dependency(%q<jeweler>, [">= 0"])
+      s.add_development_dependency(%q<rake>, [">= 0"])
+      s.add_development_dependency(%q<rspec>, ["~> 2.0.0.beta.20"])
+      s.add_development_dependency(%q<rr>, [">= 0"])
+      s.add_development_dependency(%q<relevance-rcov>, [">= 0"])
+      s.add_development_dependency(%q<webmock>, [">= 0"])
     else
       s.add_dependency(%q<rails>, ["~> 3.0.0"])
       s.add_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
       s.add_dependency(%q<vidibus-core_extensions>, [">= 0"])
       s.add_dependency(%q<vidibus-uuid>, [">= 0"])
+      s.add_dependency(%q<jeweler>, [">= 0"])
+      s.add_dependency(%q<rake>, [">= 0"])
+      s.add_dependency(%q<rspec>, ["~> 2.0.0.beta.20"])
+      s.add_dependency(%q<rr>, [">= 0"])
+      s.add_dependency(%q<relevance-rcov>, [">= 0"])
+      s.add_dependency(%q<webmock>, [">= 0"])
     end
   else
     s.add_dependency(%q<rails>, ["~> 3.0.0"])
     s.add_dependency(%q<mongoid>, ["~> 2.0.0.beta.20"])
     s.add_dependency(%q<vidibus-core_extensions>, [">= 0"])
     s.add_dependency(%q<vidibus-uuid>, [">= 0"])
+    s.add_dependency(%q<jeweler>, [">= 0"])
+    s.add_dependency(%q<rake>, [">= 0"])
+    s.add_dependency(%q<rspec>, ["~> 2.0.0.beta.20"])
+    s.add_dependency(%q<rr>, [">= 0"])
+    s.add_dependency(%q<relevance-rcov>, [">= 0"])
+    s.add_dependency(%q<webmock>, [">= 0"])
   end
 end
 

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: vidibus-oauth2_server
 version: !ruby/object:Gem::Version 
-  hash: 31
+  hash: 29
   prerelease: false
   segments: 
   - 0
   - 0
-  - 0
-  version: 0.0.0
+  - 1
+  version: 0.0.1
 platform: ruby
 authors: 
 - Andre Pankratz
@@ -15,13 +15,14 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-10-02 00:00:00 +02:00
+date: 2011-01-14 00:00:00 +01:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
-  name: rails
+  type: :runtime
   prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
+  name: rails
+  version_requirements: &id001 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -32,12 +33,12 @@ dependencies:
         - 0
         - 0
         version: 3.0.0
-  type: :runtime
-  version_requirements: *id001
+  requirement: *id001
 - !ruby/object:Gem::Dependency 
-  name: mongoid
+  type: :runtime
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement 
+  name: mongoid
+  version_requirements: &id002 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -50,12 +51,12 @@ dependencies:
         - beta
         - 20
         version: 2.0.0.beta.20
-  type: :runtime
-  version_requirements: *id002
+  requirement: *id002
 - !ruby/object:Gem::Dependency 
-  name: vidibus-core_extensions
+  type: :runtime
   prerelease: false
-  requirement: &id003 !ruby/object:Gem::Requirement 
+  name: vidibus-core_extensions
+  version_requirements: &id003 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
@@ -64,12 +65,26 @@ dependencies:
         segments: 
         - 0
         version: "0"
-  type: :runtime
-  version_requirements: *id003
+  requirement: *id003
 - !ruby/object:Gem::Dependency 
+  type: :runtime
+  prerelease: false
   name: vidibus-uuid
+  version_requirements: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  requirement: *id004
+- !ruby/object:Gem::Dependency 
+  type: :development
   prerelease: false
-  requirement: &id004 !ruby/object:Gem::Requirement 
+  name: jeweler
+  version_requirements: &id005 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
@@ -78,8 +93,81 @@ dependencies:
         segments: 
         - 0
         version: "0"
-  type: :runtime
-  version_requirements: *id004
+  requirement: *id005
+- !ruby/object:Gem::Dependency 
+  type: :development
+  prerelease: false
+  name: rake
+  version_requirements: &id006 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  requirement: *id006
+- !ruby/object:Gem::Dependency 
+  type: :development
+  prerelease: false
+  name: rspec
+  version_requirements: &id007 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 62196427
+        segments: 
+        - 2
+        - 0
+        - 0
+        - beta
+        - 20
+        version: 2.0.0.beta.20
+  requirement: *id007
+- !ruby/object:Gem::Dependency 
+  type: :development
+  prerelease: false
+  name: rr
+  version_requirements: &id008 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  requirement: *id008
+- !ruby/object:Gem::Dependency 
+  type: :development
+  prerelease: false
+  name: relevance-rcov
+  version_requirements: &id009 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  requirement: *id009
+- !ruby/object:Gem::Dependency 
+  type: :development
+  prerelease: false
+  name: webmock
+  version_requirements: &id010 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  requirement: *id010
 description: OAuth2 server for Rails 3 with Mongoid.
 email: andre@vidibus.com
 executables: []
@@ -91,14 +179,14 @@ extra_rdoc_files:
 - README.rdoc
 files: 
 - .document
-- .gitignore
 - Gemfile
 - Gemfile.lock
 - LICENSE
 - README.rdoc
 - Rakefile
 - VERSION
-- app/controllers/oauth2_controller.rb
+- app/controllers/oauth2/authentication_controller.rb
+- app/controllers/oauth2/users_controller.rb
 - app/models/oauth2_token.rb
 - config/locales/en.yml
 - config/routes.rb
@@ -112,8 +200,8 @@ homepage: http://github.com/vidibus/vidibus-oauth2_server
 licenses: []
 
 post_install_message: 
-rdoc_options: 
-- --charset=UTF-8
+rdoc_options: []
+
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 

data/.gitignore

@@ -1,22 +0,0 @@
-## MAC OS
-.DS_Store
-
-## TEXTMATE
-*.tmproj
-tmtags
-
-## EMACS
-*~
-\#*
-.\#*
-
-## VIM
-*.swp
-
-## PROJECT::GENERAL
-coverage
-rdoc
-pkg
-
-## PROJECT::SPECIFIC
-.bundle

data/app/controllers/oauth2_controller.rb

@@ -1,100 +0,0 @@
-class Oauth2Controller < ApplicationController
-  skip_before_filter :verify_authenticity_token
-
-  around_filter :oauth2_error_handler
-
-  before_filter :validate_oauth2_type!
-  before_filter :validate_oauth2_client_id!
-  before_filter :validate_oauth2_redirect_url!
-
-  before_filter :authenticate_user!, :only => :authorize
-  before_filter :validate_oauth2_client_secret!, :only => :access_token
-
-  def authorize
-    args = params.slice(:client_id, :redirect_url)
-    args[:user_id] = current_user.uuid
-    token = Oauth2Token.create!(args)
-    uri_params = { :code => token.code }
-    uri_params[:state] = params[:state] if params.has_key?(:state)
-    uri = build_uri(params[:redirect_url], uri_params)
-    redirect_to(uri)
-  end
-
-  def access_token
-    token = Oauth2Token.find!(params)
-    render :text => { :access_token => token.token }.to_uri, :type => :url_encoded_form, :status => :ok
-  end
-
-  protected
-
-  # Ensures that the type of flow is supported
-  def validate_oauth2_type!
-    type = params[:type]
-    raise Vidibus::Oauth2Server::MissingTypeError if type.blank?
-    raise Vidibus::Oauth2Server::UnsupportedTypeError unless Vidibus::Oauth2Server::FLOWS.include?(type)
-  end
-
-  # Ensures that given client id is valid
-  def validate_oauth2_client_id!
-    raise Vidibus::Oauth2Server::MissingClientIdError if params[:client_id].blank?
-    @oauth2_client = oauth2_client(params[:client_id])
-    raise Vidibus::Oauth2Server::InvalidClientIdError unless @oauth2_client
-  end
-
-  # Ensures that redirect_url is valid for given client.
-  def validate_oauth2_redirect_url!
-    redirect_url = params[:redirect_url]
-    raise Vidibus::Oauth2Server::MissingRedirectUrlError if redirect_url.blank?
-    raise Vidibus::Oauth2Server::MalformedRedirectUrlError unless valid_uri?(redirect_url)
-    unless redirect_url.match(/^https?:\/\/([a-z0-9]+\.)?#{@oauth2_client.domain}/) # allow subdomains but ensure host of client application
-      raise Vidibus::Oauth2Server::InvalidRedirectUrlError
-    end
-  end
-
-  # Ensures that given client_secret is valid for given client.
-  def validate_oauth2_client_secret!
-    raise Vidibus::Oauth2Server::InvalidClientSecretError unless @oauth2_client.valid_oauth2_secret?(params[:client_secret])
-  end
-
-  # Returns error message for given exception.
-  def oauth2_error_handler
-    begin
-      yield
-    rescue Vidibus::Oauth2Server::MissingTypeError
-      error = "missing_type"
-    rescue Vidibus::Oauth2Server::UnsupportedTypeError
-      error = "unsupported_type"
-    rescue Vidibus::Oauth2Server::MissingClientIdError
-      error = "missing_client_id"
-    rescue Vidibus::Oauth2Server::InvalidClientIdError
-      error = "invalid_client_id"
-    rescue Vidibus::Oauth2Server::InvalidClientSecretError
-      error = "invalid_client_secret"
-    rescue Vidibus::Oauth2Server::MissingRedirectUrlError
-      error = "missing_redirect_url"
-    rescue Vidibus::Oauth2Server::MalformedRedirectUrlError
-      error = "malformed_redirect_url"
-    rescue Vidibus::Oauth2Server::InvalidRedirectUrlError
-      error = "invalid_redirect_url"
-    rescue Vidibus::Oauth2Server::MissingCodeError
-      error = "missing_code"
-    rescue Vidibus::Oauth2Server::InvalidCodeError
-      error = "invalid_code"
-    rescue Vidibus::Oauth2Server::ExpiredCodeError
-      error = "expired_code"
-    rescue Vidibus::Oauth2Server::InvalidTokenError
-      error = "invalid_token"
-    rescue Vidibus::Oauth2Server::ExpiredTokenError
-      error = "expired_token"
-    ensure
-      if error
-        status ||= :bad_request
-        render :text => I18n.t("oauth2_server.errors.#{error}"), :status => status
-      end
-    end
-
-    # Autorization error?
-    # :status => :unauthorized # The response MUST include a WWW-Authenticate header field (section 14.47) containing a challenge applicable to the requested resource.
-    # :status => :forbidden # Maybe better?
-  end
-end