Server Resource Endpoint - nov/rack-oauth2 GitHub Wiki

rack-oauth2 provides an OAuth2 Protected Resource Endpoint as a Rack application.

In Rails, the simplest setup is probably to install it as Rack middleware.

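# The block resolves the presented bearer token. AccessToken is the application's own model;
# when no valid token matches, invalid_token! rejects the request.
config.middleware.use Rack::OAuth2::Server::Resource::Bearer do |req|
  AccessToken.valid.find_by_token(req.access_token) || req.invalid_token!
end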

The middleware catches any rack-oauth2 error raised in your application and returns an OAuth2-formatted error response.

There are 4 resource endpoint error classes defined.

  • Rack::OAuth2::Server::Resource::BadRequest
  • Rack::OAuth2::Server::Resource::Forbidden
  • Rack::OAuth2::Server::Resource::Bearer::Unauthorized
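
The catch-and-format behaviour described above, as an added example that is not rack-oauth2's code: a stdlib-only stand-in middleware that turns errors raised by the authenticator block or the downstream app into RFC 6750 status codes and `WWW-Authenticate` challenges. `BearerGuard`, `TOKENS`, `APP` and the `example.access_token` env key are hypothetical names, and the token table is constructed sample data.

```ruby
require 'json'

# Stand-in Bearer resource middleware (stdlib only, not rack-oauth2's code).
class BearerGuard
  # RFC 6750 section 3.1 error codes and their HTTP status codes.
  STATUS = { invalid_request: 400, invalid_token: 401, insufficient_scope: 403 }.freeze

  class Error < StandardError
    attr_reader :code
    def initialize(code, description)
      super(description)
      @code = code
    end
  end

  def initialize(app, realm: 'example', &authenticator)
    @app, @realm, @authenticator = app, realm, authenticator
  end

  def call(env)
    header = env['HTTP_AUTHORIZATION']
    # No credentials at all: challenge without an error code (RFC 6750 section 3.1).
    return respond(401, nil, nil) if header.nil?
    token = header[/\ABearer ([A-Za-z0-9\-._~+\/]+=*)\z/, 1]
    raise Error.new(:invalid_request, 'malformed Authorization header') unless token
    env['example.access_token'] = @authenticator.call(token)
    @app.call(env)
  rescue Error => e
    # Errors raised by the authenticator or by the downstream app both land here.
    respond(STATUS.fetch(e.code), e.code, e.message)
  end

  private

  def respond(status, code, description)
    challenge = %(Bearer realm="#{@realm}")
    challenge += %(, error="#{code}", error_description="#{description}") if code
    body = code ? JSON.generate(error: code, error_description: description) : '{}'
    [status, { 'www-authenticate' => challenge, 'content-type' => 'application/json' }, [body]]
  end
end

# Constructed sample data: token => granted scopes.
TOKENS = { 'tok-read' => %w[read], 'tok-write' => %w[read write] }.freeze

APP = BearerGuard.new(lambda { |env|
  raise BearerGuard::Error.new(:insufficient_scope, 'write scope required') unless env['example.access_token'].include?('write')
  [200, { 'content-type' => 'text/plain' }, ['ok']]
}) { |token| TOKENS[token] || raise(BearerGuard::Error.new(:invalid_token, 'unknown or expired token')) }
```

Calling `APP.call({ 'HTTP_AUTHORIZATION' => 'Bearer tok-read' })` returns a 403 with `error="insufficient_scope"`, the case where the token is valid but the application itself raises the error.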

In rack applications, you can also call protocol-defined error methods.