class Simple::OAuth2::Strategies::RefreshToken

Refresh Token strategy class Processes request and respond with Access Token

Public Class Methods

process(request) click to toggle source

Processes Refresh Token request

# File lib/simple_oauth2/strategies/refresh_token.rb, line 9
def process(request)
  client = token_verify_client!(request)
  refresh_token = verify_refresh_token!(request, client.id)

  token = config.access_token_class.create_for(
    client, refresh_token.resource_owner, request.scope.join(',')
  )
  run_callback_on_refresh_token(refresh_token) if config.on_refresh_runnable?

  expose_to_bearer_token(token)
end

Private Class Methods

run_callback_on_refresh_token(access_token) click to toggle source

Invokes custom callback on Access Token refresh. If callback is a proc, then call it with token. If access token responds to callback value (symbol for example), then call it from the token.

@param access_token [Object] Access Token instance

# File lib/simple_oauth2/strategies/refresh_token.rb, line 38
def run_callback_on_refresh_token(access_token)
  callback = config.on_refresh

  if callback.respond_to?(:call)
    callback.call(access_token)
  elsif access_token.respond_to?(callback)
    access_token.send(callback)
  else
    raise(ArgumentError, ":on_refresh is not a block and Access Token class doesn't respond to #{callback}!")
  end
end
verify_refresh_token!(request, client_id) click to toggle source

Check refresh token and client id for exact matching verifier

# File lib/simple_oauth2/strategies/refresh_token.rb, line 24
def verify_refresh_token!(request, client_id)
  refresh_token = config.access_token_class.by_refresh_token(request.refresh_token)
  refresh_token || request.invalid_grant!
  refresh_token.client_id == client_id || request.unauthorized_client!

  refresh_token
end