lib/doorkeeper/helpers/controller.rb
# frozen_string_literal: true # Define methods that can be called in any controller that inherits from # Doorkeeper::ApplicationMetalController or Doorkeeper::ApplicationController module Doorkeeper module Helpers # Rails controller helpers. # module Controller private # :doc: def authenticate_resource_owner! current_resource_owner end # :doc: def current_resource_owner @current_resource_owner ||= begin instance_eval(&Doorkeeper.configuration.authenticate_resource_owner) end end def resource_owner_from_credentials instance_eval(&Doorkeeper.configuration.resource_owner_from_credentials) end # :doc: def authenticate_admin! instance_eval(&Doorkeeper.configuration.authenticate_admin) end def server @server ||= Server.new(self) end # :doc: def doorkeeper_token @doorkeeper_token ||= OAuth::Token.authenticate request, *config_methods end def config_methods @config_methods ||= Doorkeeper.configuration.access_token_methods end def get_error_response_from_exception(exception) if exception.respond_to?(:response) exception.response elsif exception.type == :invalid_request OAuth::InvalidRequestResponse.new(name: exception.type, state: params[:state], missing_param: exception.missing_param) else OAuth::ErrorResponse.new(name: exception.type, state: params[:state]) end end def handle_token_exception(exception) error = get_error_response_from_exception exception headers.merge! error.headers self.response_body = error.body.to_json self.status = error.status end def skip_authorization? !!instance_exec( [server.current_resource_owner, @pre_auth.client], &Doorkeeper.configuration.skip_authorization ) end def enforce_content_type if (request.put? || request.post? || request.patch?) && !x_www_form_urlencoded? render json: {}, status: :unsupported_media_type end end def x_www_form_urlencoded? request.content_type == "application/x-www-form-urlencoded" end end end end