Doorkeeper: Add ability to reference current token in after_successful_authorization

Created on 6 Nov 2019  路  8Comments  路  Source: doorkeeper-gem/doorkeeper

It would be useful (to us) if we had a supported mechanism to reference the final token in the after_succesful_authorization callback.

Currently, the callback (added here: #1264) passes the current controller to the block. Looking at the internals, I can see the controller has a @token instance variable. We can access this with some Ruby trickery, but it would obviously be better if there were a public/supported api to the token.

Our specific use case involves saving some arbitrary data to the user object after token is issued. This data is passed along from the original OAuth request via the state parameter. We access this via: controller.request.params[:state] in the callback which is good enough.

I'm not sure how this could potentially be implemented. The most non-breaking way would probably be to add an argument to the block, but it seems a bit kludgy.

wontfix

Most helpful comment

Hi @synth , @natashad. Added in #1388 and #1384 and will be released with a new version (don't sure when exactly btw):

Doorkeeper.configure do 
  before_successful_authorization do |controller, context|
    Rails.logger.info(context.issued_token)
  end
end

All 8 comments

Workaround which saves state param to authenticated resource owner

NOTE: The state param we pass through is a Microsoft Teams team id.

  after_successful_authorization do |controller|
    if controller.request.params[:state]
      state = Base64.decode64(controller.request.params[:state])
      Rails.logger.debug "Doorkeeper#after_successful_authorization: #{state}"

      # state can be a string, number, or json
      # only handle parsable json
      state_params = JSON.parse(state) rescue nil

      if state_params
       # NOTE: this is the central kludge/workaround
        token = controller.send(:strategy).request.access_token

        if token
          u = User.find(token.resource_owner_id)
          team_id = state_params['team_id']
          u.update_attribute(:microsoft_team_id, team_id) if team_id.present?
        end
      end
    end
  end

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

+1 for this -- it would be great to be able to easily access things like resource_owner_id as well from the after_successful_authorization

We need to think how to introduce this change and not to break existing projects. I agree that it would be have to nice.

I think it must be some new object like Doorkeeper::AuthorizationContext (we already have something similar) that will store required data (like token, params, etc)

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Hi @synth , @natashad. Added in #1388 and #1384 and will be released with a new version (don't sure when exactly btw):

Doorkeeper.configure do 
  before_successful_authorization do |controller, context|
    Rails.logger.info(context.issued_token)
  end
end

@nbulaj Amazing! Looking forward to upgrading once the release is available. Cheers!

I'm currently having the same problem and you wouldn't believe how excited I am to realize this issue was resolved just a day ago :sweat_smile:

Looking forward to the release of the next version! Thanks for your work, @nbulaj.

Was this page helpful?
0 / 5 - 0 ratings