class Unimatrix::Authorization::RequiresResourceOwner

Public Instance Methods

before( controller )
# File lib/unimatrix/authorization/filters/requires_resource_owner.rb, line 5
# Before-filter that resolves an access token, looks up its resource owner and
# either stores the result on the controller or renders an error.
#
# A token in controller.params[ 'access_token' ] takes precedence; when it is
# blank, a token is requested with the configured client id and client secret.
#
# NOTE(review): params presumably also covers query-string values; tokens sent
# that way tend to end up in access logs - confirm 'access_token' is filtered
# from request logging.
#
# NOTE(review): when the request carries no token, the resource-owner lookup
# runs with the client-credentials token rather than a caller-owned one -
# confirm retrieve_resource_owner cannot yield a 'resource_owner' entry for
# such a token, otherwise a request without credentials would pass this filter.
#
# @param controller the controller being filtered; must respond to params,
#   retrieve_client_token, retrieve_resource_owner, resource_owner= and
#   render_error
# @return the stored lookup result, or whatever render_error returns
def before( controller )
  # Both credentials are read up front, even if the request supplies a token.
  credentials = [
    Unimatrix.configuration.client_id,
    Unimatrix.configuration.client_secret
  ]

  supplied_token = controller.params[ 'access_token' ]
  token =
    supplied_token.present? ?
      supplied_token :
      controller.retrieve_client_token( *credentials )

  # presumably render_error renders a response, which is what keeps the action
  # from running - confirm against the controller mixin.
  return controller.render_error( ::MissingTokenError ) unless token.present?

  owners = controller.retrieve_resource_owner( token )

  # Accept only a non-empty Array; just the first element's type_name is
  # inspected, while the whole array is what gets stored below.
  verified = owners.present? && owners.is_a?( Array ) &&
             owners.first.type_name == 'resource_owner'
  return controller.render_error( ::MissingPolicyError ) unless verified

  controller.resource_owner = owners
end