Server Token Endpoint

nov edited this page Oct 27, 2014 · 2 revisions

rack-oauth2 provides an OAuth2 Token Endpoint as a rack application.

This is a sample token endpoint implementation (concept code only, not production-ready).

```ruby
Rack::OAuth2::Server::Token.new do |req, res|
  # Authenticate the client first; every grant type below relies on this having passed.
  client = Client.find_by_identifier(req.client_id) || req.invalid_client!
  client.secret == req.client_secret || req.invalid_client!
  res.access_token = case req.grant_type
  when :authorization_code
    # Look the code up scoped to the authenticated client (as the refresh_token branch does),
    # so a code issued to another client cannot be redeemed here; assumes a
    # Client#authorization_codes association like the refresh_tokens one below.
    code = client.authorization_codes.valid.find_by_token(req.code)
    code.present? && code.redirect_uri == req.redirect_uri || req.invalid_grant!
    code.access_token.to_bearer_token(:with_refresh_token)
  when :password
    # Resource owner password credentials: verify the user, then mint a token for this client.
    account = Account.authenticate(req.username, req.password) || req.invalid_grant!
    account.access_tokens.create(:client => client).to_bearer_token(:with_refresh_token)
  when :client_credentials
    # NOTE: client is already authenticated here; no refresh token is issued for this grant.
    client.access_tokens.create.to_bearer_token
  when :refresh_token
    # Only refresh tokens that belong to this client and are still valid are accepted.
    refresh_token = client.refresh_tokens.valid.find_by_token(req.refresh_token)
    refresh_token.present? || req.invalid_grant!
    refresh_token.access_tokens.create.to_bearer_token
  else
    req.unsupported_grant_type!
  end
end
```

Basically, what you need to do is:

  • On error, report it through the req object (req.invalid_client!, req.invalid_grant!, req.unsupported_grant_type!, and so on).
  • On success, assign an instance of a Rack::OAuth2::AccessToken subclass (in most cases, Rack::OAuth2::AccessToken::Bearer) to res.access_token.
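The same grant dispatch, written out as a self-contained added example that does not depend on rack-oauth2 (this is not the gem's code or the page author's). The TokenRequest struct, the OAuthError class and the in-memory CLIENTS, ACCOUNTS, CODES and REFRESH_TOKENS stores are constructed stand-ins for the gem's req/res objects and for a real database. It adds the checks a production endpoint wants around the concept code above: a constant-time secret comparison, authorization codes bound to the authenticated client and redirect_uri and usable only once, refresh token rotation, and the no-store cache headers that RFC 6749 §5.1 requires on token responses.

```ruby
require 'json'
require 'securerandom'

# Constructed in-memory stores (assumption: a real server backs these with a DB).
CLIENTS = { 'app1' => { secret: 's3cr3t' } }
ACCOUNTS = { 'alice' => 'correct horse' }
CODES = { 'code-abc' => { client_id: 'app1', redirect_uri: 'https://app.example/cb',
                          used: false, expires_at: Time.now + 600 } }
REFRESH_TOKENS = {}

# Stand-in for rack-oauth2's req.invalid_client! etc.: raised with the OAuth2 error code.
class OAuthError < StandardError
  attr_reader :code
  def initialize(code)
    @code = code
    super(code.to_s)
  end
end

# Stand-in for the rack-oauth2 token request object (hypothetical; fields named after the page).
TokenRequest = Struct.new(:grant_type, :client_id, :client_secret, :code, :redirect_uri,
                          :username, :password, :refresh_token, keyword_init: true)

# Constant-time comparison so secret and password checks do not leak via timing.
def secure_equal?(a, b)
  a = a.to_s.b
  b = b.to_s.b
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

def issue_token(client_id, with_refresh: false)
  token = { access_token: SecureRandom.urlsafe_base64(32), token_type: 'Bearer', expires_in: 3600 }
  if with_refresh
    rt = SecureRandom.urlsafe_base64(32)
    REFRESH_TOKENS[rt] = { client_id: client_id, revoked: false }
    token[:refresh_token] = rt
  end
  token
end

def handle_token_request(req)
  # Client authentication comes first, whatever the grant type.
  client = CLIENTS[req.client_id] or raise OAuthError, :invalid_client
  secure_equal?(client[:secret], req.client_secret) or raise OAuthError, :invalid_client

  case req.grant_type
  when :authorization_code
    code = CODES[req.code]
    # Unknown, expired or already-used code, or a code issued to another client or for
    # another redirect_uri, all fail identically so the caller gets no oracle.
    valid = code && !code[:used] && code[:expires_at] > Time.now &&
            code[:client_id] == req.client_id && code[:redirect_uri] == req.redirect_uri
    raise OAuthError, :invalid_grant unless valid
    code[:used] = true # single use
    issue_token(req.client_id, with_refresh: true)
  when :password
    secret = ACCOUNTS[req.username]
    raise OAuthError, :invalid_grant unless secret && secure_equal?(secret, req.password)
    issue_token(req.client_id, with_refresh: true)
  when :client_credentials
    issue_token(req.client_id) # no refresh token for this grant (RFC 6749 §4.4.3)
  when :refresh_token
    rt = REFRESH_TOKENS[req.refresh_token]
    raise OAuthError, :invalid_grant unless rt && !rt[:revoked] && rt[:client_id] == req.client_id
    rt[:revoked] = true # rotate: the old refresh token stops working once used
    issue_token(req.client_id, with_refresh: true)
  else
    raise OAuthError, :unsupported_grant_type
  end
end

# Rack-style [status, headers, body] triple; token responses must not be cached (RFC 6749 §5.1).
def token_endpoint(req)
  body = handle_token_request(req)
  headers = { 'Content-Type' => 'application/json', 'Cache-Control' => 'no-store', 'Pragma' => 'no-cache' }
  [200, headers, [JSON.generate(body)]]
rescue OAuthError => e
  status = e.code == :invalid_client ? 401 : 400
  [status, { 'Content-Type' => 'application/json', 'Cache-Control' => 'no-store' }, [JSON.generate(error: e.code)]]
end
```

Replaying a redeemed authorization code or a rotated refresh token yields invalid_grant, a wrong client secret yields a 401 invalid_client, and an unknown grant_type yields unsupported_grant_type, which is exactly the error vocabulary rack-oauth2 exposes on its req object.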

Request Verification

For the token endpoint, rack-oauth2 doesn't provide any request verification helper methods. (If you need some, please open an issue or pull request.)

rack-oauth2 provides only the protocol-defined error methods for the token endpoint.