File: controller.rb

package info (click to toggle)
ruby-doorkeeper 5.8.2-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 992 kB
  • sloc: ruby: 4,644; makefile: 4
file content (89 lines) | stat: -rw-r--r-- 2,479 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
 
# frozen_string_literal: true

# Define methods that can be called in any controller that inherits from
# Doorkeeper::ApplicationMetalController or Doorkeeper::ApplicationController
module Doorkeeper
  module Helpers
    # Rails controller helpers.
    #
    module Controller
      private

      # :doc:
      def authenticate_resource_owner!
        current_resource_owner
      end

      # :doc:
      def current_resource_owner
        return @current_resource_owner if defined?(@current_resource_owner)

        @current_resource_owner ||= begin
          instance_eval(&Doorkeeper.config.authenticate_resource_owner)
        end
      end

      def resource_owner_from_credentials
        instance_eval(&Doorkeeper.config.resource_owner_from_credentials)
      end

      # :doc:
      def authenticate_admin!
        instance_eval(&Doorkeeper.config.authenticate_admin)
      end

      def server
        @server ||= Server.new(self)
      end

      # :doc:
      def doorkeeper_token
        return @doorkeeper_token if defined?(@doorkeeper_token)

        @doorkeeper_token ||= OAuth::Token.authenticate(request, *config_methods)
      end

      def config_methods
        @config_methods ||= Doorkeeper.config.access_token_methods
      end

      def get_error_response_from_exception(exception)
        if exception.respond_to?(:response)
          exception.response
        elsif exception.type == :invalid_request
          OAuth::InvalidRequestResponse.new(
            name: exception.type,
            state: params[:state],
            missing_param: exception.missing_param,
          )
        else
          OAuth::ErrorResponse.new(name: exception.type, state: params[:state])
        end
      end

      def handle_token_exception(exception)
        error = get_error_response_from_exception(exception)
        headers.merge!(error.headers)
        self.response_body = error.body.to_json
        self.status = error.status
      end

      def skip_authorization?
        !!instance_exec(
          [server.current_resource_owner, @pre_auth.client],
          &Doorkeeper.config.skip_authorization
        )
      end

      def enforce_content_type
        if (request.put? || request.post? || request.patch?) && !x_www_form_urlencoded?
          render json: {}, status: :unsupported_media_type
        end
      end

      def x_www_form_urlencoded?
        request.media_type == "application/x-www-form-urlencoded"
      end
    end
  end
end