X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/b8f6dbd403507edd14f04f3151c285e232607360..89bd91e7d80531e5344427cdf2f98c58e8203737:/app/models/request_token.rb?ds=inline diff --git a/app/models/request_token.rb b/app/models/request_token.rb index 1be8c6902..0044dde26 100644 --- a/app/models/request_token.rb +++ b/app/models/request_token.rb @@ -1,19 +1,23 @@ class RequestToken < OauthToken + + attr_accessor :provided_oauth_verifier + def authorize!(user) return false if authorized? self.user = user self.authorized_at = Time.now + self.verifier = OAuth::Helper.generate_key(16)[0,20] unless oauth10? self.save end - + def exchange! return false unless authorized? + return false unless oauth10? || verifier == provided_oauth_verifier + RequestToken.transaction do - logger.info("£££ In exchange!") params = { :user => user, :client_application => client_application } # copy the permissions from the authorised request token to the access token - client_application.permissions.each { |p| - logger.info("£££ copying permission #{p} = #{read_attribute(p).inspect}") + client_application.permissions.each { |p| params[p] = read_attribute(p) } @@ -22,4 +26,21 @@ class RequestToken < OauthToken access_token end end + + def to_query + if oauth10? + super + else + "#{super}&oauth_callback_confirmed=true" + end + end + + def oob? + self.callback_url=='oob' + end + + def oauth10? + (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank? + end + end