
Add client_credentials grant type

1 parent 8fba382 commit 6d1234beacbffb73fb8f015119d9347953dd6f95 @mandrews mandrews committed Jan 9, 2012
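--- a/lib/oauth2.rb
+++ b/lib/oauth2.rb
@@ -3,5 +3,6 @@
 require 'oauth2/strategy/base'
 require 'oauth2/strategy/auth_code'
 require 'oauth2/strategy/password'
+require 'oauth2/strategy/client_credentials'
 require 'oauth2/access_token'
 require 'oauth2/response'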
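--- a/lib/oauth2/client.rb
+++ b/lib/oauth2/client.rb
@@ -143,5 +143,12 @@ def auth_code
 def password
 @password ||= OAuth2::Strategy::Password.new(self)
 end
+
+ # The Client Credentials strategy
+ #
+ # @see http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.4
+ def client_credentials
+ @client_credentials ||= OAuth2::Strategy::ClientCredentials.new(self)
+ end
 end
 end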
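--- a/lib/oauth2/strategy/client_credentials.rb
+++ b/lib/oauth2/strategy/client_credentials.rb
@@ -0,0 +1,24 @@
+module OAuth2
+ module Strategy
+ # The Client Credentials Strategy
+ #
+ # @see http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.4
+ class ClientCredentials < Base
+ # Not used for this strategy
+ #
+ # @raise [NotImplementedError]
+ def authorize_url
+ raise NotImplementedError, "The authorization endpoint is not used in this strategy"
+ end
+
+ # Retrieve an access token given the specified client.
+ #
+ # @param [Hash] params additional params
+ # @param [Hash] opts options
+ def get_token(params={}, opts={})
+ params = {'grant_type' => 'client_credentials'}.merge(client_params).merge(params)
+ @client.get_token(params, opts.merge('refresh_token' => nil))
+ end
+ end
+ end
+end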
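Review bot: In `get_token`, the caller-supplied `params` are merged last, so a `'grant_type'`, `'client_id'` or `'client_secret'` key in `params` silently replaces the values this strategy is meant to fix. If any caller builds `params` from request-derived data, that input can change which grant is requested and which client is presented. Merging the fixed values last closes this: `params = params.merge(client_params).merge('grant_type' => 'client_credentials')`. If overriding is intended, say so on the `@param [Hash] params` line. Separately, `client_params` (defined outside this file, presumably in `Base`) puts the client secret in the form body, as the spec stub confirms, so the doc comment should state that the token endpoint must be reached over TLS and that some servers expect HTTP Basic client authentication instead.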
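--- a/spec/oauth2/strategy/client_credentials_spec.rb
+++ b/spec/oauth2/strategy/client_credentials_spec.rb
@@ -0,0 +1,59 @@
+require 'helper'
+
+describe OAuth2::Strategy::ClientCredentials do
+ let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout' }
+ let(:json_token) { '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}' }
+
+ let(:client) do
+ OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
+ builder.adapter :test do |stub|
+ stub.post('/oauth/token', {'client_id' => 'abc', 'client_secret' => 'def', 'grant_type' => 'client_credentials'}) do |env|
+ case @mode
+ when "formencoded"
+ [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+ when "json"
+ [200, {'Content-Type' => 'application/json'}, json_token]
+ end
+ end
+ end
+ end
+ end
+
+ subject {client.client_credentials}
+
+ describe "#authorize_url" do
+ it "should raise NotImplementedError" do
+ lambda {subject.authorize_url}.should raise_error(NotImplementedError)
+ end
+ end
+
+ %w(json formencoded).each do |mode|
+ describe "#get_token (#{mode})" do
+ before do
+ @mode = mode
+ @access = subject.get_token
+ end
+
+ it 'returns AccessToken with same Client' do
+ @access.client.should == client
+ end
+
+ it 'returns AccessToken with #token' do
+ @access.token.should == 'salmon'
+ end
+
+ it 'returns AccessToken without #refresh_token' do
+ @access.refresh_token.should be_nil
+ end
+
+ it 'returns AccessToken with #expires_in' do
+ @access.expires_in.should == 600
+ end
+
+ it 'returns AccessToken with #expires_at' do
+ @access.expires_at.should_not be_nil
+ end
+ end
+ end
+
+end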
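Review bot: No example covers a rejected token request: the stub in `let(:client)` only answers 200 for the `"json"` and `"formencoded"` modes, so what `get_token` does when the token endpoint refuses the client credentials is not pinned. Add a `when` branch that returns an error status, plus an example asserting that the failure surfaces to the caller rather than yielding an `AccessToken` with an empty `#token`. Every example also calls `subject.get_token` with no arguments, so how caller `params` combine with `client_id`, `client_secret` and `grant_type` is untested. An example that passes a hash such as `'scope' => 'read'` (constructed value), and a second one that tries to pass `'grant_type'`, would document the intended precedence.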
