X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/7b89dc63496de0b6131a93c57d283ebb4490804b..c8fc2218e5e342ad7afc9409974fd48a733ba94b:/app/models/oauth2_verifier.rb?ds=sidebyside diff --git a/app/models/oauth2_verifier.rb b/app/models/oauth2_verifier.rb index 94856d0d8..1613eabeb 100644 --- a/app/models/oauth2_verifier.rb +++ b/app/models/oauth2_verifier.rb @@ -1,10 +1,48 @@ +# == Schema Information +# +# Table name: oauth_tokens +# +# id :integer not null, primary key +# user_id :integer +# type :string(20) +# client_application_id :integer +# token :string(50) +# secret :string(50) +# authorized_at :datetime +# invalidated_at :datetime +# created_at :datetime +# updated_at :datetime +# allow_read_prefs :boolean default(FALSE), not null +# allow_write_prefs :boolean default(FALSE), not null +# allow_write_diary :boolean default(FALSE), not null +# allow_write_api :boolean default(FALSE), not null +# allow_read_gpx :boolean default(FALSE), not null +# allow_write_gpx :boolean default(FALSE), not null +# callback_url :string +# verifier :string(20) +# scope :string +# valid_to :datetime +# allow_write_notes :boolean default(FALSE), not null +# +# Indexes +# +# index_oauth_tokens_on_token (token) UNIQUE +# index_oauth_tokens_on_user_id (user_id) +# +# Foreign Keys +# +# oauth_tokens_client_application_id_fkey (client_application_id => client_applications.id) +# oauth_tokens_user_id_fkey (user_id => users.id) +# + class Oauth2Verifier < OauthToken - validates_presence_of :user + validates :user, :presence => true, :associated => true + attr_accessor :state - def exchange!(params={}) + def exchange!(_params = {}) OauthToken.transaction do - token = Oauth2Token.create! :user=>user,:client_application=>client_application, :scope => scope + token = Oauth2Token.create! :user => user, :client_application => client_application, :scope => scope invalidate! token end @@ -20,15 +58,15 @@ class Oauth2Verifier < OauthToken def to_query q = "code=#{token}" - q << "&state=#{URI.escape(state)}" if @state + q << "&state=#{CGI.escape(state)}" if @state q end protected def generate_keys - self.token = OAuth::Helper.generate_key(20)[0,20] + self.token = OAuth::Helper.generate_key(20)[0, 20] self.expires_at = 10.minutes.from_now - self.authorized_at = Time.now + self.authorized_at = Time.now.utc end end