Cleanup of verbose code that was useful for debugging.

tmjfitch · Feb 13, 2018 · a36e0ba · a36e0ba
1 parent c443dbb
commit a36e0ba
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 17 deletions.
diff --git a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb
@@ -48,14 +48,11 @@ def set_user_by_token(mapping=nil)
     client_name = DeviseTokenAuth.headers_names[:'client']
 
     # parse header for values necessary for authentication
-    uid        = request.headers[uid_name] || params[uid_name]
-    provider   = request.headers[provider_name] || params[provider_name]
+    @provider_id = request.headers[uid_name] || params[uid_name]
+    @provider    = request.headers[provider_name] || params[provider_name]
     @token     ||= request.headers[access_token_name] || params[access_token_name]
     @client_id ||= request.headers[client_name] || params[client_name]
 
-    @provider = provider
-    @provider_id = uid
-
     # client_id isn't required, set to 'default' if absent
     @client_id ||= 'default'
 
@@ -82,7 +79,7 @@ def set_user_by_token(mapping=nil)
     # NOTE: By searching for the user by an identifier instead of by token, we
     # mitigate timing attacks
     #
-    resource = rc.find_resource(uid, provider)
+    resource = rc.find_resource(@provider_id, @provider)
 
     if resource && resource.valid_token?(@token, @client_id)
       # sign_in with bypass: true will be deprecated in the next version of Devise

diff --git a/app/controllers/devise_token_auth/token_validations_controller.rb b/app/controllers/devise_token_auth/token_validations_controller.rb
@@ -16,17 +16,13 @@ def validate_token
     protected
 
     def render_validate_token_success
-      data = @resource.token_validation_response
-
-      uid_name = DeviseTokenAuth.headers_names[:'uid']
-      provider_name = DeviseTokenAuth.headers_names[:'provider']
-      data['uid'] = request.headers[uid_name] || params[uid_name]
-      data['provider'] = request.headers[provider_name] || params[provider_name]
-      data = resource_data(resource_json: data)
-
       render json: {
         success: true,
-        data: data
+        data: resource_data(resource_json: @resource.token_validation_response)\
+                .tap do |r|
+                  r['uid'] = @provider_id
+                  r['provider'] = @provider
+                end
       }
     end
 

diff --git a/app/models/devise_token_auth/concerns/user.rb b/app/models/devise_token_auth/concerns/user.rb
@@ -334,8 +334,9 @@ def update_auth_header(token, client_id='default', provider_id, provider)
   end
 
   def build_auth_url(base_url, args)
-    args[:uid]    = self.uid
-    args[:expiry] = self.tokens[args[:client_id]]['expiry']
+    args[:uid]      = self.uid
+    args[:provider] = self.provider
+    args[:expiry]   = self.tokens[args[:client_id]]['expiry']
 
     DeviseTokenAuth::Url.generate(base_url, args)
   end