Find client by id for access_grant and auth_request.

theplant · Jul 19, 2013 · eecb78d · eecb78d
1 parent 8916462
commit eecb78d
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 9 deletions.
diff --git a/lib/rack/oauth2/models/active_record/access_grant.rb b/lib/rack/oauth2/models/active_record/access_grant.rb
@@ -17,7 +17,7 @@ def create(identity, client, scope, redirect_uri = nil, expires = nil)
             scope = Utils.normalize_scope(scope) & client.scope # Only allowed scope
             expires_at = Time.now.to_i + (expires || 300)
             fields = { :code=>Server.secure_random, :identity=>identity, :scope=>scope,
-                       :client_id=>client.client_id, :redirect_uri=>client.redirect_uri || redirect_uri,
+                       :client_id=>client.id, :redirect_uri=>client.redirect_uri || redirect_uri,
                        :expires_at=>expires_at, :granted_at=>nil,
                        :access_token=>nil, :revoked=>nil }
 
@@ -60,7 +60,7 @@ def collection
         def authorize!(expires_in = nil)
           self.class.transaction do
             raise InvalidGrantError, "You can't use the same access grant twice" if self.access_token || self.revoked
-            client = Client.find_by_client_id(client_id) or raise InvalidGrantError
+            client = Client.find(client_id) or raise InvalidGrantError
             access_token = AccessToken.get_token_for(identity, client, scope, expires_in)
             self.access_token = access_token.token
             self.granted_at = Time.now.to_i

diff --git a/lib/rack/oauth2/models/active_record/auth_request.rb b/lib/rack/oauth2/models/active_record/auth_request.rb
@@ -15,7 +15,7 @@ class << self
           # and any state value to pass back in that redirect.
           def create(client, scope, redirect_uri, response_type, state)
             scope = Utils.normalize_scope(scope) & client.scope # Only allowed scope
-            fields = { :client_id=>client.client_id, :scope=>scope.join(","), :redirect_uri=>client.redirect_uri || redirect_uri,
+            fields = { :client_id=>client.id, :scope=>scope.join(","), :redirect_uri=>client.redirect_uri || redirect_uri,
                        :response_type=>response_type, :state=>state,
                        :grant_code=>nil, :authorized_at=>nil,
                        :revoked=>nil }
@@ -56,7 +56,7 @@ def collection
         def grant!(identity, expires_in = nil)
           raise ArgumentError, "Must supply a identity" unless identity
           return if revoked?
-          client = Client.find_by_client_id(client_id) or return
+          client = Client.find(client_id) or return
 
           self.class.transaction do
             self.authorized_at = Time.now.to_i

diff --git a/lib/rack/oauth2/server.rb b/lib/rack/oauth2/server.rb
@@ -30,7 +30,7 @@ def get_auth_request(authorization)
         # @return [Client]
         def get_client(client_id)
           return client_id if Client === client_id
-          Client.find_by_client_id(client_id)
+          Client.find(client_id)
         end
 
         # Registers and returns a new Client. Can also be used to update
@@ -189,7 +189,7 @@ def get_issuer(identifier)
       #   end
       #
       # Assertion handler is a hash of blocks keyed by assertion_type.  Blocks receive
-      # three parameters: the client, the assertion, and the scope.  If authenticated, 
+      # three parameters: the client, the assertion, and the scope.  If authenticated,
       # it returns an identity.  Otherwise it can return nil or false.  For example:
       #   oauth.assertion_handler['facebook.com'] = lambda do |client, assertion, scope|
       #     facebook = URI.parse('https://graph.facebook.com/me?access_token=' + assertion)
@@ -202,7 +202,7 @@ def get_issuer(identifier)
       # type, no error will result.
       #
       Options = Struct.new(:access_token_path, :authenticator, :assertion_handler, :authorization_types,
-        :authorize_path, :database, :host, :param_authentication, :path, :realm, 
+        :authorize_path, :database, :host, :param_authentication, :path, :realm,
         :expires_in,:logger, :collection_prefix, :store)
 
       # Global options. This is what we set during configuration (e.g. Rails'
@@ -466,7 +466,7 @@ def respond_with_access_token(request, logger)
         rescue OAuthError=>error
           logger.error "RO2S: Access token request error #{error.code}: #{error.message}" if logger
           return unauthorized(request, error) if InvalidClientError === error && request.basic?
-          return [400, { "Content-Type"=>"application/json", "Cache-Control"=>"no-store" }, 
+          return [400, { "Content-Type"=>"application/json", "Cache-Control"=>"no-store" },
                   [{ :error=>error.code, :error_description=>error.message }.to_json]]
         end
       end
@@ -482,7 +482,7 @@ def get_client(request, options={})
         else
           client_id, client_secret = request.GET.values_at("client_id", "client_secret")
         end
-        client = self.class.get_client(client_id)
+        client = Client.find_by_client_id(client_id)
         raise InvalidClientError if !client
         unless options[:dont_authenticate]
           raise InvalidClientError unless client.secret == client_secret