1 require "oauth/controllers/provider_controller"
3 class OauthController < ApplicationController
4 include OAuth::Controllers::ProviderController
14 def user_authorizes_token?
17 @token.client_application.permissions.each do |pref|
19 @token.write_attribute(pref, true)
22 @token.write_attribute(pref, false)
30 @token = current_user.oauth_tokens.find_by :token => params[:token]
33 flash[:notice] = t(".flash", :application => @token.client_application.name)
35 redirect_to oauth_clients_url(:display_name => @token.user.display_name)
41 override_content_security_policy_directives(:form_action => false)
43 if @token.invalidated?
44 @message = t "oauth.authorize_failure.invalid"
45 render :action => "authorize_failure"
47 if user_authorizes_token?
48 @token.authorize!(current_user)
49 callback_url = if @token.oauth10?
50 params[:oauth_callback] || @token.client_application.callback_url
52 @token.oob? ? @token.client_application.callback_url : @token.callback_url
54 @redirect_url = URI.parse(callback_url) if callback_url.present?
56 if @redirect_url.to_s.blank?
57 render :action => "authorize_success"
59 @redirect_url.query = if @redirect_url.query.blank?
60 "oauth_token=#{@token.token}"
63 "&oauth_token=#{@token.token}"
66 @redirect_url.query += "&oauth_verifier=#{@token.verifier}" unless @token.oauth10?
68 redirect_to @redirect_url.to_s
72 @message = t("oauth.authorize_failure.denied", :app_name => @token.client_application.name)
73 render :action => "authorize_failure"