module Doorkeeper
  class TokensController < Doorkeeper::ApplicationMetalController
    # OAuth 2.0 Token Endpoint.
    #
    # Runs the grant strategy selected by +params[:grant_type]+ and copies
    # the resulting headers, JSON-encoded body and HTTP status onto this
    # response. A +Errors::DoorkeeperError+ raised while authorizing is handed
    # to +handle_token_exception+ (defined outside this file) instead of
    # propagating.
    def create
      token_response = authorize_response
      headers.merge!(token_response.headers)
      self.response_body = token_response.body.to_json
      self.status = token_response.status
    rescue Errors::DoorkeeperError => e
      handle_token_exception(e)
    end

    # OAuth 2.0 Token Revocation - http://tools.ietf.org/html/rfc7009
    #
    # NOTE(review): the caller is authenticated here through +doorkeeper_token+
    # (presumably the bearer access token of the request), not through the
    # client credentials that the comment below and RFC 7009 describe. A caller
    # that presents only its client credentials therefore skips the +if+ and
    # still receives 200 with nothing revoked. Because the response is always
    # 200 with an empty JSON body and the boolean from +revoke_token+ is
    # discarded, a missing bearer token, an unknown token and a token owned by
    # another client are all indistinguishable from a successful revocation on
    # the wire. Confirm this is the intended contract before relying on it.
    def revoke
      # The authorization server first validates the client credentials
      if doorkeeper_token && doorkeeper_token.accessible?
        # Doorkeeper does not use the token_type_hint logic described in RFC 7009,
        # because the refresh token is a field on the access token model and both
        # lookups are tried below regardless of the hint.
        submitted = request.POST['token']
        revoke_token(submitted) if submitted
      end

      # The authorization server responds with HTTP status code 200 if the
      # token has been revoked successfully or if the client submitted an
      # invalid token.
      render json: {}, status: :ok
    end

    private

    # Looks +token+ up first as an access token, then as a refresh token, and
    # revokes the match only when it shares credentials with the authenticating
    # +doorkeeper_token+ (+same_credential?+ is defined on the token model,
    # outside this file).
    #
    # @param token [String] the raw token value submitted by the client
    # @return [Boolean] true when a token was revoked; false when nothing
    #   matched or the match belongs to a different credential
    def revoke_token(token)
      found = AccessToken.by_token(token) || AccessToken.by_refresh_token(token)
      return false unless found && doorkeeper_token.same_credential?(found)

      found.revoke
      true
    end

    # Grant strategy for the requested +grant_type+, resolved once per request.
    def strategy
      @strategy ||= server.token_request(params[:grant_type])
    end

    # Memoized result of running the grant strategy.
    def authorize_response
      @authorize_response ||= strategy.authorize
    end
  end
end