class Rack::OAuth2::Server::Client

Public Class Methods

lookup(field)

Look up a client by ID, code, display name or link URL.

# File lib/rack/oauth2/models/client.rb, line 61
def self.lookup(field)
  find_by_id(field) || find_by_code(field) || find_by_display_name(field) || find_by_link(field)
end

Public Instance Methods

assign_code_and_secret()

Create a new client. Client provides the following properties:

* :display_name – Name to show (e.g. UberClient)
* :link – Link to client Web site (e.g. uberclient.dot)
* :image_url – URL of image to show alongside display name
* :redirect_uri – Registered redirect URI.
* :scope – List of names the client is allowed to request.
* :notes – Free form text.

This method does not validate any of these fields, in fact, you're not required to set them, use them, or use them as suggested. Using them as suggested would result in better user experience. Don't ask how we learned that.

def self.create(args)
  unless args[:redirect_uri].blank?
    redirect_uri = Server::Utils.parse_redirect_uri(args.delete(:redirect_uri)).to_s
  end

  scope = Server::Utils.normalize_scope(args[:scope])
  args.merge!({:redirect_uri => redirect_uri})

  if args[:id] && args[:secret]
    args[:code] = args.delete(:id)
    super(args)
  else
    args[:secret] = Server.secure_random
    super(args)
  end
end

# File lib/rack/oauth2/models/client.rb, line 51
def assign_code_and_secret
  self.code = Server.secure_random[0,20]
  self.secret = Server.secure_random
end

redirect_url=(url)

# File lib/rack/oauth2/models/client.rb, line 56
def redirect_url=(url)
  self[:redirect_uri] = Server::Utils.parse_redirect_uri(url).to_s
end

revoke!()

Revoke all authorization requests, access grants and access tokens for this client. Ward off the evil.

# File lib/rack/oauth2/models/client.rb, line 72
def revoke!
  revoked_at = Time.now
  update_attribute(:revoked, revoked_at)
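  # can we use the association here
  # Filter by client first (where requires Rails 3+): with :client_id in the
  # same hash as :revoked, update_all sets both columns on every row.
  AuthRequest.where(:client_id=>id).update_all(:revoked=>revoked_at)
  AccessGrant.where(:client_id=>id).update_all(:revoked=>revoked_at)
  AccessToken.where(:client_id=>id).update_all(:revoked=>revoked_at)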
end
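
Why the scope of the update_all calls in revoke! matters, as an added example that is not part of the project's code: a hash passed as the only argument is treated entirely as columns to set, so a :client_id key inside it filters nothing. FakeTable is a hypothetical in-memory stand-in for an ActiveRecord model (its second argument plays the role of the filter), and the token rows are constructed sample data.

```ruby
# Added example: FakeTable is a hypothetical stand-in for an ActiveRecord
# model, mimicking update_all(updates, conditions = nil). No database is used.
class FakeTable
  attr_reader :rows

  def initialize(rows)
    @rows = rows.map(&:dup)
  end

  # Set every key in +updates+ on each row matching +conditions+
  # (all rows when +conditions+ is nil). Returns the number of rows changed.
  def update_all(updates, conditions = nil)
    targets = @rows.select do |r|
      conditions.nil? || conditions.all? { |k, v| r[k] == v }
    end
    targets.each { |r| r.merge!(updates) }
    targets.size
  end
end

# Constructed sample data: tokens belonging to two different clients.
TOKENS = [
  { :token => "t1", :client_id => 1, :revoked => nil },
  { :token => "t2", :client_id => 1, :revoked => nil },
  { :token => "t3", :client_id => 2, :revoked => nil }
].freeze

# One hash argument: :client_id is a column to set, not a filter.
def revoke_unscoped(table, client_id, now)
  table.update_all(:revoked => now, :client_id => client_id)
end

# Updates and conditions kept apart: only this client's rows change.
def revoke_scoped(table, client_id, now)
  table.update_all({ :revoked => now }, { :client_id => client_id })
end

# Revoke client 1 both ways on fresh copies of the sample rows.
def demo
  now = Time.at(0)
  unscoped = FakeTable.new(TOKENS)
  scoped = FakeTable.new(TOKENS)
  { :unscoped_count => revoke_unscoped(unscoped, 1, now),
    :scoped_count => revoke_scoped(scoped, 1, now),
    :unscoped_rows => unscoped.rows, :scoped_rows => scoped.rows }
end

demo.each { |k, v| puts "#{k}: #{v.inspect}" } if __FILE__ == $0
```

In the unscoped run client 2's token is revoked and reassigned to client 1; in the scoped run it is left untouched.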