class Doorkeeper::OAuth::PasswordAccessTokenRequest

Attributes

access_token[R]
client[R]
credentials[R]
parameters[R]
resource_owner[R]

Public Class Methods

new(server, client, credentials, resource_owner, parameters = {}) click to toggle source
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 15
def initialize(server, client, credentials, resource_owner, parameters = {})
  @server          = server
  @resource_owner  = resource_owner
  @client          = client
  @credentials     = credentials
  @parameters      = parameters
  @original_scopes = parameters[:scope]
  @grant_type      = Doorkeeper::OAuth::PASSWORD
end

Private Instance Methods

before_successful_response() click to toggle source
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 27
def before_successful_response
  find_or_create_access_token(client, resource_owner, scopes, {}, server)
  super
end
validate_client() click to toggle source

Section 4.3.2. Access Token Request for Resource Owner Password Credentials Grant:

If the client type is confidential or the client was issued client credentials (or assigned
other authentication requirements), the client MUST authenticate with the authorization
server as described in Section 3.2.1.

The authorization server MUST:

 o  require client authentication for confidential clients or for any  client that was
    issued client credentials (or with other authentication requirements)

 o  authenticate the client if client authentication is included,

@see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 62
def validate_client
  if Doorkeeper.config.skip_client_authentication_for_password_grant
    client.present? || (!parameters[:client_id] && credentials.blank?)
  else
    client.present?
  end
end
validate_client_supports_grant_flow() click to toggle source
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 70
def validate_client_supports_grant_flow
  Doorkeeper.config.allow_grant_flow_for_client?(grant_type, client&.application)
end
validate_resource_owner() click to toggle source
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 43
def validate_resource_owner
  resource_owner.present?
end
validate_scopes() click to toggle source
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 32
def validate_scopes
  return true if scopes.blank?

  ScopeChecker.valid?(
    scope_str: scopes.to_s,
    server_scopes: server.scopes,
    app_scopes: client.try(:scopes),
    grant_type: grant_type,
  )
end