module Grape::OAuth2::Helpers::AccessTokenHelpers
Public Instance Methods
access_token_required!(*scopes)
click to toggle source
Adds OAuth2
Access Token protection for Grape
routes.
@param scopes [Array]
set of scopes required to access the endpoint
@raise [Rack::OAuth2::Server::Resource::Bearer::Unauthorized]
invalid Access Token value
@raise [Rack::OAuth2::Server::Resource::Bearer::Forbidden]
Access Token expired, revoked or does't have required scopes
# File lib/grape_oauth2/helpers/access_token_helpers.rb, line 18 def access_token_required!(*scopes) endpoint_scopes = env['api.endpoint'].options[:route_options][:scopes] required_scopes = endpoint_scopes.presence || scopes raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized if current_access_token.nil? raise Rack::OAuth2::Server::Resource::Bearer::Forbidden unless valid_access_token?(required_scopes) end
current_access_token()
click to toggle source
Returns Access Token instance found by access_token value passed with the request.
# File lib/grape_oauth2/helpers/access_token_helpers.rb, line 34 def current_access_token @_current_access_token ||= request.env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN] end
current_resource_owner()
click to toggle source
Returns Resource Owner from the Access Token found by access_token value passed with the request.
# File lib/grape_oauth2/helpers/access_token_helpers.rb, line 28 def current_resource_owner @_current_resource_owner ||= current_access_token.resource_owner end
valid_access_token?(scopes)
click to toggle source
Validate current access token not to be expired or revoked and has all the requested scopes.
@return [Boolean]
true if current Access Token not expired, not revoked and scopes match false in other cases.
# File lib/grape_oauth2/helpers/access_token_helpers.rb, line 45 def valid_access_token?(scopes) !current_access_token.revoked? && !current_access_token.expired? && Grape::OAuth2.config.scopes_validator.new(scopes).valid_for?(current_access_token) end