module Rack
  module OAuth2
    module Server
      class Resource
        # Resource-server middleware variant for Bearer access tokens.
        class Bearer < Resource
          # Wraps the Rack env in a Bearer::Request, stores it on the
          # middleware, then hands control to Resource#_call.
          #
          # @param env [Hash] the Rack environment for the current request
          def _call(env)
            self.request = Request.new(env)
            super
          end

          # `private` only affects methods defined after it; the nested
          # Request constant below is still reachable as Bearer::Request.
          private

          # Extracts a Bearer access token from either the Authorization
          # header or the request parameters.
          class Request < Resource::Request
            # Resolves @access_token from the two supported transports and
            # returns self so calls can be chained.
            #
            # Exactly one transport must carry a token. A request that sends
            # the token in both places is rejected instead of silently
            # preferring one, so the two values can never disagree about
            # which credential is being presented.
            #
            # NOTE(review): the rejection branch is also taken when no token
            # was found at all, in which case the message text is misleading.
            # Presumably callers check oauth2? first; confirm against
            # Resource#_call.
            def setup!
              candidates = [access_token_in_header, access_token_in_payload].compact
              @access_token =
                if candidates.size == 1
                  candidates.first
                else
                  # invalid_request! is defined outside this file; presumably it
                  # aborts the request with an invalid_request error (confirm).
                  invalid_request!('Both Authorization header and payload includes access token.')
                end
              self
            end

            # True when a non-blank token is found. The header is consulted
            # first and the payload only when the header yields nil.
            def oauth2?
              token = access_token_in_header || access_token_in_payload
              token.present?
            end

            # Returns the credential part of the Authorization header when the
            # header is provided, has a first part, and its scheme is 'bearer';
            # nil otherwise.
            def access_token_in_header
              bearer_header = @auth_header.provided? &&
                              !@auth_header.parts.first.nil? &&
                              @auth_header.scheme.to_s == 'bearer'
              return unless bearer_header

              @auth_header.params
            end

            # Returns the 'access_token' request parameter, or nil when absent.
            #
            # NOTE(review): if `params` is Rack::Request#params it merges the
            # query string with the form body, so a token sent in the URL is
            # accepted here too. URLs end up in access logs, browser history
            # and Referer headers; confirm whether query-string tokens should
            # be allowed for this deployment.
            def access_token_in_payload
              params['access_token']
            end
          end
        end
      end
    end
  end
end
require 'rack/oauth2/server/resource/bearer/error'