nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
diaspora/lib/openid/authentication.rb
theworldbright efdfe318fd Add ability to get user info from access tokens
2016-01-04 16:48:42 +09:00

30 lines
807 B
Ruby
Raw Blame History

module Openid
module Authentication
def self.included(klass)
klass.send :include, Authentication::Helper
end
module Helper
def current_token
@current_token
end
end
def require_access_token
@current_token = request.env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN]
unless @current_token
raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new("Unauthorized user")
end
# TODO: This block is useless until we actually start checking for scopes
unless @current_token.try(:accessible?, required_scopes)
raise Rack::OAuth2::Server::Resource::Bearer::Forbidden.new(:insufficient_scope)
end
end
# Scopes should be implemented here
def required_scopes
nil # as default
end
end
end
Reference in a new issue View git blame Copy permalink