lib/doorkeeper/rails/helpers.rb
# frozen_string_literal: true
module Doorkeeper
module Rails
module Helpers
def doorkeeper_authorize!(*scopes)
@_doorkeeper_scopes = scopes.presence || Doorkeeper.config.default_scopes
doorkeeper_render_error unless valid_doorkeeper_token?
end
def doorkeeper_unauthorized_render_options(**); end
def doorkeeper_forbidden_render_options(**); end
def valid_doorkeeper_token?
doorkeeper_token&.acceptable?(@_doorkeeper_scopes)
end
private
def doorkeeper_render_error
error = doorkeeper_error
error.raise_exception! if Doorkeeper.config.raise_on_errors?
headers.merge!(error.headers.reject { |k| k == "Content-Type" })
doorkeeper_render_error_with(error)
end
def doorkeeper_render_error_with(error)
options = doorkeeper_render_options(error) || {}
status = doorkeeper_status_for_error(
error, options.delete(:respond_not_found_when_forbidden),
)
if options.blank?
head status
else
options[:status] = status
options[:layout] = false if options[:layout].nil?
render options
end
end
def doorkeeper_error
if doorkeeper_invalid_token_response?
OAuth::InvalidTokenResponse.from_access_token(doorkeeper_token)
else
OAuth::ForbiddenTokenResponse.from_scopes(@_doorkeeper_scopes)
end
end
def doorkeeper_render_options(error)
if doorkeeper_invalid_token_response?
doorkeeper_unauthorized_render_options(error: error)
else
doorkeeper_forbidden_render_options(error: error)
end
end
def doorkeeper_status_for_error(error, respond_not_found_when_forbidden)
if respond_not_found_when_forbidden && error.status == :forbidden
:not_found
else
error.status
end
end
def doorkeeper_invalid_token_response?
!doorkeeper_token || !doorkeeper_token.accessible?
end
def doorkeeper_token
@doorkeeper_token ||= OAuth::Token.authenticate(
request,
*Doorkeeper.config.access_token_methods,
)
end
end
end
end