X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/1c3a9ee62b7d1a0dc97d52b1a498be1339d49ebf..1d49b0d71df85ca7f6d049c2ccd2bed0999f2a79:/app/models/request_token.rb?ds=sidebyside diff --git a/app/models/request_token.rb b/app/models/request_token.rb index 0044dde26..c0f019486 100644 --- a/app/models/request_token.rb +++ b/app/models/request_token.rb @@ -1,13 +1,12 @@ class RequestToken < OauthToken - attr_accessor :provided_oauth_verifier def authorize!(user) return false if authorized? self.user = user self.authorized_at = Time.now - self.verifier = OAuth::Helper.generate_key(16)[0,20] unless oauth10? - self.save + self.verifier = OAuth::Helper.generate_key(20)[0, 20] unless oauth10? + save end def exchange! @@ -17,9 +16,9 @@ class RequestToken < OauthToken RequestToken.transaction do params = { :user => user, :client_application => client_application } # copy the permissions from the authorised request token to the access token - client_application.permissions.each { |p| - params[p] = read_attribute(p) - } + client_application.permissions.each do |p| + params[p] = self[p] + end access_token = AccessToken.create(params) invalidate! @@ -36,11 +35,10 @@ class RequestToken < OauthToken end def oob? - self.callback_url=='oob' + callback_url.nil? || callback_url.casecmp("oob").zero? end def oauth10? - (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank? + (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && callback_url.blank? end - end