43 lines
1.1 KiB
Ruby
43 lines
1.1 KiB
Ruby
require 'travis/api/app'
|
|
|
|
class Travis::Api::App
|
|
class Middleware
|
|
# Checks access tokens and sets appropriate scopes.
|
|
class ScopeCheck < Middleware
|
|
before do
|
|
next unless token
|
|
access_token = AccessToken.find_by_token(token)
|
|
halt 403, 'access denied' unless access_token
|
|
env['travis.access_token'] = access_token
|
|
end
|
|
|
|
after do
|
|
headers['X-OAuth-Scopes'] ||= begin
|
|
scopes = Array(env['travis.access_token'].try(:scopes))
|
|
scopes.map(&:to_s).join(',')
|
|
end
|
|
end
|
|
|
|
def token
|
|
@token ||= header_token || query_token
|
|
end
|
|
|
|
private
|
|
|
|
def query_token
|
|
params[:access_token] if params[:access_token] and not params[:access_token].empty?
|
|
end
|
|
|
|
def header_token
|
|
type, payload = env['HTTP_AUTHORIZATION'].to_s.split(" ", 2)
|
|
return if payload.nil? or payload.empty?
|
|
|
|
case type.downcase
|
|
when 'basic' then payload.unpack("m").first.split(':', 2).first
|
|
when 'token' then payload.gsub(/^"(.+)"$/, '\1')
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|