class Doorkeeper::OAuth::PasswordAccessTokenRequest
Attributes
Public Class Methods
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 15
# Builds a token request for the Resource Owner Password Credentials grant.
#
# @param server the server configuration; its +scopes+ are read by validate_scopes
# @param client the OAuth client, or nil/blank when the request resolved to none
# @param credentials the client credentials sent with the request (may be blank)
# @param resource_owner the resource owner; this class only checks that it is present
# @param parameters [Hash] request parameters; +:scope+ and +:client_id+ are read
#
# NOTE(review): nothing in this class checks the resource owner's password.
# Presumably the caller authenticates the owner before building the request
# and passes nil on failure -- confirm against the caller.
def initialize(server, client, credentials, resource_owner, parameters = {})
  # Collaborators, stored in signature order.
  @server = server
  @client = client
  @credentials = credentials
  @resource_owner = resource_owner
  @parameters = parameters

  # Keep the raw scope parameter exactly as the client sent it.
  @original_scopes = parameters[:scope]

  # This request type always represents the password grant.
  @grant_type = Doorkeeper::OAuth::PASSWORD
end
Private Instance Methods
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 27
# Hook run before the successful response is produced: resolves the access
# token for this client / resource owner / scope combination, then hands
# control to Doorkeeper::OAuth::BaseRequest#before_successful_response.
#
# NOTE(review): +client+ can be blank here when client authentication is
# skipped for the password grant (see validate_client), so the token is
# presumably not bound to any application in that case -- confirm.
def before_successful_response
  # The literal {} is the fourth positional argument of the helper; its
  # meaning is defined by find_or_create_access_token, not in this file.
  find_or_create_access_token(client, resource_owner, scopes, {}, server)

  super
end
Calls superclass method
Doorkeeper::OAuth::BaseRequest#before_successful_response
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 62
# Decides whether the request may proceed with the client it presented.
#
# Default behaviour: a resolved client is mandatory.
#
# With +skip_client_authentication_for_password_grant+ enabled, a request is
# also accepted when it names no +client_id+ AND carries no client
# credentials. A request that does supply a +client_id+ or credentials but did
# not resolve to a client is still rejected, so a failed client authentication
# never falls through to the unauthenticated path.
#
# Security note: on the unauthenticated path no client identity is verified;
# enable the option only where serving clients without credentials is intended.
#
# @return [Boolean]
def validate_client
  # Strict mode: no client, no token.
  return client.present? unless Doorkeeper.config.skip_client_authentication_for_password_grant

  # Relaxed mode: either a resolved client, or a request that made no attempt
  # to identify or authenticate a client at all.
  client.present? || (!parameters[:client_id] && credentials.blank?)
end
Section 4.3.2. Access Token Request for Resource Owner Password Credentials Grant:
If the client type is confidential or the client was issued client credentials (or assigned other authentication requirements), the client MUST authenticate with the authorization server as described in Section 3.2.1.

The authorization server MUST:

- require client authentication for confidential clients or for any client that was issued client credentials (or with other authentication requirements)
- authenticate the client if client authentication is included,

@see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 70
# Asks the Doorkeeper configuration whether this grant type is allowed for
# the client's application.
#
# When no client was resolved, +nil+ is passed as the application; how the
# configuration treats a nil application is decided outside this file.
def validate_client_supports_grant_flow
  config = Doorkeeper.config
  application = client&.application # nil when there is no client

  config.allow_grant_flow_for_client?(grant_type, application)
end
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 43
# Passes only when a resource owner was supplied to the request.
#
# This is a presence check, not a credential check: the owner's password is
# not examined here.
# NOTE(review): presumably the caller resolves and authenticates the owner
# and hands over nil/blank on failure -- confirm against the caller.
#
# @return [Boolean]
def validate_resource_owner
  resource_owner.present?
end
# File lib/doorkeeper/oauth/password_access_token_request.rb, line 32
# Checks the requested scopes against the server's scopes and, when a client
# is present, the client's own scopes.
#
# A blank scope set passes without consulting ScopeChecker.
# NOTE(review): which scopes end up on the token in that case is decided
# outside this method (presumably defaults) -- confirm.
#
# @return [Boolean] true when scopes are blank, otherwise ScopeChecker's verdict
def validate_scopes
  scopes.blank? || ScopeChecker.valid?(
    scope_str: scopes.to_s,
    server_scopes: server.scopes,
    # try (not &.) so that a missing client or one without #scopes yields nil
    app_scopes: client.try(:scopes),
    grant_type: grant_type,
  )
end