File: error.rb

ruby-rack-oauth2 2.3.0-1
module Rack
  module OAuth2
    module Server
      class Resource
        # Resource-server variant of Abstract::BadRequest; it adds nothing of its own.
        # ErrorMethods#bad_request! raises this class.
        class BadRequest < Abstract::BadRequest; end

        # Resource-server variant of Abstract::Unauthorized that writes a
        # WWW-Authenticate challenge onto the response.
        class Unauthorized < Abstract::Unauthorized
          # Token that opens the challenge string. This base version only raises,
          # so a subclass has to provide the real value.
          def scheme
            raise 'Define me!'
          end

          # Runs the parent's finish and, inside the block it yields, sets the
          # WWW-Authenticate header on the response.
          #
          # The error, error_description and error_uri attributes are emitted only
          # when `error` is a key of ErrorMethods::DEFAULT_DESCRIPTION;
          # resource_metadata is emitted whenever it is present.
          #
          # NOTE(review): realm, description, uri and resource_metadata are
          # interpolated verbatim into quoted-strings. Nothing in this method
          # escapes `"` or `\` or removes CR/LF, so any value that can carry
          # request-derived text should be validated before it reaches here.
          def finish
            super do |response|
              self.realm ||= DEFAULT_REALM
              challenge = "#{scheme} realm=\"#{realm}\""
              # The header holds this same String object, so the appends below
              # extend the header value in place.
              response.headers['WWW-Authenticate'] = challenge
              if ErrorMethods::DEFAULT_DESCRIPTION.key?(error)
                challenge << ", error=\"#{error}\""
                challenge << ", error_description=\"#{description}\"" if description.present?
                challenge << ", error_uri=\"#{uri}\"" if uri.present?
              end
              challenge << ", resource_metadata=\"#{resource_metadata}\"" if resource_metadata.present?
            end
          end
        end

        # Resource-server variant of Abstract::Forbidden that also carries a scope value.
        class Forbidden < Abstract::Forbidden
          # Scope(s) attached to the error; read from options[:scope] at construction.
          attr_accessor :scope

          # error, description and options are forwarded unchanged to the parent
          # initializer; options[:scope] is additionally kept on the instance.
          def initialize(error = :forbidden, description = nil, options = {})
            super(error, description, options)
            @scope = options[:scope]
          end

          # Parent parameters plus a :scope entry. Array() accepts nil, a single
          # value or a list, so a missing scope is rendered as an empty string.
          def protocol_params
            inherited = super
            scope_value = Array(scope).join(' ')
            inherited.merge(scope: scope_value)
          end
        end

        module ErrorMethods
          DEFAULT_DESCRIPTION = {
            invalid_request: "The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats the same parameter, uses more than one method for including an access token, or is otherwise malformed.",
            invalid_token: "The access token provided is expired, revoked, malformed or invalid for other reasons.",
            insufficient_scope: "The request requires higher privileges than provided by the access token."
          }

          def self.included(klass)
            DEFAULT_DESCRIPTION.each do |error, default_description|
              error_method = case error
              when :invalid_request
                :bad_request!
              when :insufficient_scope
                :forbidden!
              else
                :unauthorized!
              end
              klass.class_eval <<-ERROR
                def #{error}!(description = "#{default_description}", options = {})
                  #{error_method} :#{error}, description, options
                end
              ERROR
            end
          end

          def bad_request!(error, description = nil, options = {})
            raise BadRequest.new(error, description, options)
          end

          def unauthorized!(error = nil, description = nil, options = {})
            raise 'Define me!'
          end

          def forbidden!(error, description = nil, options = {})
            raise Forbidden.new(error, description, options)
          end
        end

        # Mix the raise-helpers into Request; the include hook also generates the
        # per-error bang methods on it.
        Request.include(ErrorMethods)
      end
    end
  end
end