Skip to content

Server Resource Endpoint

nov edited this page Oct 8, 2022 · 3 revisions

rack-oauth2 provide OAuth2 Protected Resource Endpoint as a rack application.

Probably setting it as rack middleware is the most simple way in rails.

config.middleware.use Rack::OAuth2::Server::Resource::Bearer do |req|
  AccessToken.valid.find_by_token(req.access_token) || req.invalid_token!
end

The middleware will catch any rack-oauth2 errors raised in your application, and return OAuth2 formatted error response.

There are 4 resource endpoint error classes defined.

  • Rack::OAuth2::Server::Resource::BadRequest
  • Rack::OAuth2::Server::Resource::Forbidden
  • Rack::OAuth2::Server::Resource::Bearer::Unauthorized

In rack applications, you can also call protocol-defined error methods.

Clone this wiki locally