Project

doorkeeper_scopes_per_flow

0.0
No commit activity in last 3 years
No release in over 3 years
doorkeeper_scopes_per_flowaiman86/doorkeeper_scopes_per_flowHomepageDocumentationSource CodeBug TrackerWiki
Doorkeeper extension to limit scopes available per flow/grant_type and specify a default one for each flow
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
3,019
Stars
7
Forks
2
Watchers
3
 Releases
Current version
0.0.1
Total releases
1
First release
2016-04-09
Latest release
2016-04-09
 Pull Requests
Open Pull Requests
2
Closed Pull Requests
0
Merged Pull Requests
0
Pull Request Acceptance Rate
0%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2016-04-09
Reverse Dependencies
0

 Dependencies

Runtime

activesupport-decorators
~> 2.1
doorkeeper
~> 3.1
rails
~> 4
 Project Readme

Doorkeeper Scopes per Flow

This extension enables you to specify what scopes are available for each grant_type (flow). For example, suppose you want "client_credentials" flow to only be able to request "public" scope, whereas "password" authentication should be able to request "write" scope. Additionally, this extension allows you to specify the default scope for each grant_type (flow).

Usage

Simply add the following gem to your Gemfile:

gem "doorkeeper_scopes_per_flow"

And then run bundle (note: doorkeeper should already be in your Gemfile)

Next specify default scopes and allowed flows per scope in config/initializers/doorkeeper.rb:

default_scopes  :public
optional_scopes :write

scopes_flows_whitelist :public => [:all], :write => [:password, :assertion]
flows_default_scopes :password => [:public, :write], :assertion => [:public, :write], :client_credentials => [:public]

  1. default_scopes and optional_scopes are the standard Doorkeeper configurations, you should define all valid scopes first using those two settings. However, default_scope will ultimately be overridden based on your configuration of this extension

  2. scopes_flows_whitelist is scope => [flows] map. The key should be a valid scope specified as explained in step 1. The values are arrays of grant_types that are allowed to access this scope. In our example, public scope is accessible to all flows, whereas write is only accessible to password and assertion flows. (NOTE: assertion flow is not a standard Doorkeeper flow but I'm using it here as an example only)

  3. flows_default_scopes is flow => [scopes] map. The key is a grant_type/flow whereas values are the default scopes granted by default in that flow when no specific scopes are requested.