
Add support for response_type=token

commit 4ae009ce1ecb97e9a2a2b45e979b31f89da98056 1 parent 9763777
@burgalon authored
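--- a/lib/oauth2/provider/rack/authorization_code_request.rb
+++ b/lib/oauth2/provider/rack/authorization_code_request.rb
@@ -6,6 +6,24 @@ def initialize(params)
 end
 def grant!(resource_owner = nil, authorization_expires_at = nil)
+ grant_code!(resource_owner, authorization_expires_at) if response_type == 'code'
+ grant_token!(resource_owner, authorization_expires_at) if response_type == 'token'
+ end
+
+ def grant_token!(resource_owner = nil, authorization_expires_at = nil)
+ authorization = OAuth2::Provider.authorization_class.create!(
+ :resource_owner => resource_owner,
+ :client => client,
+ :scope => scope
+ )
+ token = OAuth2::Provider.access_token_class.create!(
+ :authorization => authorization,
+ :expires_at => authorization_expires_at
+ )
+ throw_response Responses.redirect_with_hash_params(redirect_uri, token.as_json)
+ end
+
+ def grant_code!(resource_owner = nil, authorization_expires_at = nil)
 grant = client.authorizations.create!(
 :resource_owner => resource_owner,
 :client => client,
@@ -35,6 +53,10 @@ def client_id
 @params['client_id']
 end
+ def response_type
+ @params['response_type']
+ end
+
 def client
 @client ||= OAuth2::Provider.client_class.from_param(client_id)
 end
@@ -43,6 +65,10 @@ def redirect_uri
 @params['redirect_uri']
 end
+ def response_type_valid?
+ ['code', 'token'].include? response_type
+ end
+
 def redirect_uri_valid?
 client && client.allow_redirection?(redirect_uri)
 end
@@ -54,6 +80,14 @@ def scope
 private
 def validate!
+ unless response_type
+ raise OAuth2::Provider::Rack::InvalidRequest, 'No response_type provided'
+ end
+
+ unless response_type_valid?
+ raise OAuth2::Provider::Rack::InvalidRequest, 'response_type should be code/token'
+ end
+
 unless client_id
 raise OAuth2::Provider::Rack::InvalidRequest, 'No client_id provided'
 end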
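Review bot: `grant_token!` passes `token.as_json` to the redirect unfiltered, so everything that hash contains is exposed in the URL fragment. If the access-token class serialises a refresh token (its `as_json` is not visible here, so confirm), the implicit grant would leak it through browser history and page scripts, which RFC 6749 §4.2.2 forbids. Filter before redirecting, e.g. `fragment = token.as_json.reject { |key, _| key.to_s == 'refresh_token' }`, and as far as these hunks show the request's `state` is not echoed back, so add it to the same fragment. The new path is also open to every registered client: neither `validate!` nor `grant_token!` checks that the client opted in to the implicit grant, so a per-client flag checked alongside `response_type_valid?` would keep confidential clients on the code flow. `grant_code!` continues past the end of the first hunk, so its handling of `authorization_expires_at` cannot be compared with the token path from here.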
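--- a/lib/oauth2/provider/rack/responses.rb
+++ b/lib/oauth2/provider/rack/responses.rb
@@ -24,6 +24,10 @@ def self.redirect_with_code(code, uri)
 [302, {'Location' => append_to_uri(uri, :code => code)}, []]
 end
+ def self.redirect_with_hash_params(uri, params)
+ [302, {'Location' => append_to_uri(uri) + "##{params.to_query}"}, []]
+ end
+
 def insufficient_scope!
 throw_response OAuth2::Provider::Rack::Responses.json_error('insufficient_scope', :status => 403)
 end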
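Review bot: `redirect_with_hash_params` builds the Location by string concatenation with `"##{params.to_query}"`, so a redirect URI that already carries a fragment yields two `#` characters. Where the token ends up then depends on how the client's parser splits the fragment. RFC 6749 §3.1.2 forbids fragments in redirection URIs; either reject them where `redirect_uri_valid?` runs, or set the fragment through the URI library: `target = URI.parse(append_to_uri(uri)); target.fragment = params.to_query; target.to_s`. `to_query` is an ActiveSupport extension rather than core Ruby, and the require lines are outside this hunk, so confirm it is loaded wherever this Rack layer runs.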
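--- a/spec/requests/authorization_code_request_spec.rb
+++ b/spec/requests/authorization_code_request_spec.rb
@@ -6,7 +6,8 @@
 @client = OAuth2::Provider.client_class.create! :name => 'client'
 @valid_params = {
 'client_id' => @client.oauth_identifier,
- 'redirect_uri' => "https://redirect.example.com/callback"
+ 'redirect_uri' => "https://redirect.example.com/callback",
+ 'response_type' => 'code'
 }
 end
@@ -66,6 +67,7 @@
 @request = OAuth2::Provider::Rack::AuthorizationCodeRequest.new(
 'client_id' => @client.oauth_identifier,
 'redirect_uri' => "https://redirect.example.com/callback",
+ 'response_type' => 'code',
 'scope' => @scope
 )
 end
@@ -116,7 +118,8 @@
 @client = OAuth2::Provider.client_class.create! :name => 'client'
 @valid_params = {
 :client_id => @client.oauth_identifier,
- :redirect_uri => "https://redirect.example.com/callback"
+ :redirect_uri => "https://redirect.example.com/callback",
+ :response_type => 'code'
 }
 @owner = create_resource_owner
 end
@@ -219,7 +222,8 @@
 @client = OAuth2::Provider.client_class.create! :name => 'client', :oauth_redirect_uri => "https://redirect.example.com/callback"
 @valid_params = {
 :client_id => @client.oauth_identifier,
- :redirect_uri => "https://redirect.example.com/callback"
+ :redirect_uri => "https://redirect.example.com/callback",
+ :response_type => 'code'
 }
 end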
