lib/doorkeeper/oauth/authorization_code_request.rb
module Doorkeeper module OAuth class AuthorizationCodeRequest include Doorkeeper::Validations validate :attributes, :error => :invalid_request validate :client, :error => :invalid_client validate :grant, :error => :invalid_grant validate :redirect_uri, :error => :invalid_grant attr_accessor :server, :grant, :client, :redirect_uri def initialize(server, grant, client, parameters = {}) @server = server @client = client @grant = grant @redirect_uri = parameters[:redirect_uri] end def authorize validate @response = if valid? grant.revoke find_or_create_access_token TokenResponse.new access_token else ErrorResponse.from_request self end end def valid? self.error.nil? end def access_token @access_token ||= Doorkeeper::AccessToken.matching_token_for client, grant.resource_owner_id, grant.scopes end private def find_or_create_access_token if access_token access_token.expired? ? revoke_and_create_access_token : access_token else create_access_token end end def revoke_and_create_access_token access_token.revoke create_access_token end def create_access_token @access_token = Doorkeeper::AccessToken.create!({ :application_id => grant.application_id, :resource_owner_id => grant.resource_owner_id, :scopes => grant.scopes_string, :expires_in => server.access_token_expires_in, :use_refresh_token => server.refresh_token_enabled? }) end def validate_attributes redirect_uri.present? end def validate_client !!client end def validate_grant return false unless grant && grant.application_id == client.id grant.accessible? end def validate_redirect_uri grant.redirect_uri == redirect_uri end end end end