class Rack::OAuth2::Server::AccessGrant
The access grant is a nonce: a new grant is created each time we need one, and it is good for redeeming a single access token.
Attributes
_id[R]
Authorization code. We are nothing without it.
access_token[RW]
Access token created from this grant. Set and spent.
client_id[R]
Client that was granted this access token.
code[R]
Authorization code. We are nothing without it.
created_at[R]
Does what it says on the label.
expires_at[RW]
Tells us when this grant expires.
granted_at[RW]
Tells us when (and if) access token was created.
identity[R]
The identity we authorized access to.
redirect_uri[R]
Redirect URI for this grant.
revoked[RW]
Timestamp if revoked.
scope[R]
The scope requested in this grant.
Public Class Methods
collection()
# File lib/rack/oauth2/models/access_grant.rb, line 27
# Returns the database collection that holds access grants. The collection
# name is the configured :collection_prefix option followed by
# ".access_grants".
def collection
  name = "#{Server.options[:collection_prefix]}.access_grants"
  Server.database[name]
end
create(identity, client, scope, redirect_uri = nil, expires = nil)
Create a new access grant.
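# File lib/rack/oauth2/models/access_grant.rb, line 15
# Create a new access grant and insert it into the grants collection.
#
# @param identity [String, Integer] the identity access is authorized for
# @param client the client receiving the grant; its scope, id and
#   redirect_uri are read here
# @param scope the requested scope, normalized with Utils.normalize_scope
# @param redirect_uri fallback redirect URI, used only when the client has
#   none of its own
# @param expires lifetime in seconds; 300 when nil
# @return whatever Server.new_instance builds from the stored fields
# @raise [ArgumentError] if identity is neither a String nor an Integer
def create(identity, client, scope, redirect_uri = nil, expires = nil)
  raise ArgumentError, "Identity must be String or Integer" unless String === identity || Integer === identity

  # Intersect with the client's own scope, so a grant never carries more
  # than the client has.
  scope = Utils.normalize_scope(scope) & client.scope
  # Read the clock once, so expires_at is exactly created_at plus the
  # lifetime even when the call straddles a second boundary.
  now = Time.now.to_i
  fields = {
    # The random _id is the value later passed to from_code.
    :_id=>Server.secure_random,
    :identity=>identity,
    :scope=>scope,
    :client_id=>client.id,
    # The client's own redirect URI wins over the one passed in.
    :redirect_uri=>client.redirect_uri || redirect_uri,
    :created_at=>now,
    :expires_at=>now + (expires || 300),
    :granted_at=>nil,
    :access_token=>nil,
    :revoked=>nil
  }
  collection.insert fields
  Server.new_instance self, fields
end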
from_code(code)
Find AccessGrant from authorization code.
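# File lib/rack/oauth2/models/access_grant.rb, line 10
# Find the AccessGrant for an authorization code.
#
# The query matches on the code and on :revoked being nil, nothing else. It
# does not look at expires_at, granted_at, client_id or redirect_uri, so any
# check on those has to happen in the caller.
#
# @param code the authorization code; matched as a String
# @return whatever Server.new_instance builds from the matching document
#   (it is handed nil when nothing matches)
def from_code(code)
  # Match the code as a string only. If a caller passes request input
  # straight through, a non-String value (a Hash, say) would otherwise be
  # placed in the query document as-is.
  # NOTE(review): assumes _id is always a String, as create stores
  # Server.secure_random there - confirm.
  lookup = { :_id=>code.to_s, :revoked=>nil }
  Server.new_instance self, collection.find_one(lookup)
end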
Public Instance Methods
revoke!()
# File lib/rack/oauth2/models/access_grant.rb, line 73
# Mark this grant as revoked, stamping it with the current time.
#
# The in-memory attribute is always overwritten. The stored document is
# updated only while its :revoked field is still nil, so a grant already
# revoked in the collection keeps its original timestamp.
#
# @return the result of the collection's update call
def revoke!
  self.revoked = Time.now.to_i
  store = self.class.collection
  unrevoked = { :_id=>code, :revoked=>nil }
  stamp = { :$set=>{ :revoked=>revoked } }
  store.update(unrevoked, stamp)
end