class Doorkeeper::OAuth::PasswordAccessTokenRequest
Attributes
access_token[R]
client[R]
credentials[R]
parameters[R]
resource_owner[R]
Public Class Methods
new(server, client, credentials, resource_owner, parameters = {})
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 15
#
# Builds a request object for the Resource Owner Password Credentials grant.
#
# @param server the OAuth server object; stored in @server
# @param client the client resolved for this request; may be absent
#   (validate_client decides whether that is acceptable)
# @param credentials presumably the client credentials taken from the
#   request - only their blankness is inspected in this class
# @param resource_owner the resource owner for the request; this class only
#   checks that it is present
# @param parameters [Hash] request parameters; :scope and :client_id are
#   the keys read by this class
def initialize(server, client, credentials, resource_owner, parameters = {})
  # Fixed for this request type, independent of caller input.
  @grant_type = Doorkeeper::OAuth::PASSWORD

  @server = server
  @client = client
  @credentials = credentials
  @resource_owner = resource_owner

  @parameters = parameters
  # The scope value exactly as it arrived in the request parameters.
  @original_scopes = parameters[:scope]
end
Private Instance Methods
before_successful_response()
Calls superclass method
Doorkeeper::OAuth::BaseRequest#before_successful_response
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 27
#
# Hook run before the successful response is produced: obtains the access
# token for this client / resource owner / scope combination, then hands
# over to the superclass implementation.
#
# NOTE(review): `client` can be absent here when validate_client accepted a
# client-less request, so the token helper has to cope with a missing client.
def before_successful_response
  # Fourth positional argument is an empty hash; its meaning is defined by
  # find_or_create_access_token, which is not shown in this file.
  token_options = {}
  find_or_create_access_token(client, resource_owner, scopes, token_options, server)

  super
end
validate_client()
Section 4.3.2. Access Token Request for Resource Owner Password Credentials Grant:

If the client type is confidential or the client was issued client credentials (or assigned other authentication requirements), the client MUST authenticate with the authorization server as described in Section 3.2.1.

The authorization server MUST:

o require client authentication for confidential clients or for any client that was issued client credentials (or with other authentication requirements)

o authenticate the client if client authentication is included,

@see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 62
#
# Decides whether the request's client situation is acceptable.
#
# With skip_client_authentication_for_password_grant disabled, a resolved
# client is mandatory. With it enabled, a request may also pass without a
# client, but only when it carries neither a :client_id parameter nor any
# credentials. A request that did identify a client (by id or credentials)
# and still has no resolved client is rejected rather than being treated as
# anonymous, so failed client authentication does not degrade into the
# client-less path.
#
# @return [Boolean] true when the client check passes
def validate_client
  # Strict mode: nothing short of a resolved client is accepted.
  return client.present? unless Doorkeeper.config.skip_client_authentication_for_password_grant

  # Relaxed mode: a resolved client, or a request that made no attempt to
  # identify a client at all.
  client.present? || (!parameters[:client_id] && credentials.blank?)
end
validate_client_supports_grant_flow()
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 70
#
# Asks the Doorkeeper configuration whether this grant type is allowed for
# the client's application.
#
# `client&.application` evaluates to nil when no client is present, so in
# the client-less case the decision rests entirely on how
# allow_grant_flow_for_client? treats a nil application (not visible here).
def validate_client_supports_grant_flow
  config = Doorkeeper.config
  config.allow_grant_flow_for_client?(grant_type, client&.application)
end
validate_resource_owner()
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 43
#
# Passes when a resource owner was supplied to this request.
#
# This is a presence check only: the username/password verification itself
# is not performed here, so whatever produced `resource_owner` must return
# a blank value (e.g. nil) on failed authentication for this validation to
# reject the request.
def validate_resource_owner
  owner = resource_owner
  owner.present?
end
validate_scopes()
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 32
#
# Validates the scopes for this request against the server's scopes and,
# when a client is present, the client's own scopes.
#
# Blank scopes pass unconditionally; which scopes the issued token ends up
# with in that case is decided outside this method.
#
# @return [Boolean] true when scopes are blank, otherwise the result of
#   ScopeChecker.valid?
def validate_scopes
  if scopes.blank?
    true
  else
    ScopeChecker.valid?(
      scope_str: scopes.to_s,
      server_scopes: server.scopes,
      # `try` yields nil for a missing client, so a client-less request is
      # checked without any application-level scope restriction.
      app_scopes: client.try(:scopes),
      grant_type: grant_type,
    )
  end
end