Skip to content

Commit

Permalink
Do not run Doorkeper's authorization method if oauth2 scope is set to…
Browse files Browse the repository at this point in the history 
… 'false'. Particularily useful when using WineBouncer in the grape-swagger for hiding certain endpoints for different kind of users. In this case oauth2 'false' is set on the GET swagger_doc endpoint making the doorkeeper_access_token available further in the process of building API endpoints.
  • Loading branch information
@texpert
texpert committed Aug 12, 2016
1 parent 323438f commit 49d4b33
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion lib/wine_bouncer/oauth2.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,8 @@ def before
context.protected_endpoint = endpoint_protected?
return unless context.protected_endpoint?
self.doorkeeper_request = env # set request for later use.
doorkeeper_authorize!(*auth_scopes)
scopes = auth_scopes
doorkeeper_authorize!(*scopes) unless scopes.include? :false
context.doorkeeper_access_token = doorkeeper_token
end

Expand Down

0 comments on commit 49d4b33

Please sign in to comment.