<p>For the sake of documenting my doorkeeper mini-proof of concept, I'm listing a few points that I thought might be worthwhile checking.</p>
<p>Gemfile:</p>
<pre><code>+ gem "doorkeeper"
</code></pre>
<p>Beyond the default doorkeeper installation, I also installed:</p>
<ul>
<li><a href="https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-views">https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-views</a></li>
<li><a href="https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-PKCE-flow">https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-PKCE-flow</a></li>
<li><a href="https://github.com/doorkeeper-gem/doorkeeper/wiki/Associate-users-to-OAuth-applications-(ownership)">https://github.com/doorkeeper-gem/doorkeeper/wiki/Associate-users-to-OAuth-applications-(ownership)</a></li>
</ul>
<p>Respective generate commands:</p>
<ul>
<li>rails generate doorkeeper:views</li>
<li>rails generate doorkeeper:pkce</li>
<li>rails generate doorkeeper:application_owner</li>
</ul>
<p>Some migrations need an additional <code>safety_assured</code> to pass.</p>
<p>app/controllers/api/users_controller.rb:</p>
<p>Enable OAuth token check with "read" scope for details endpoint:</p>
<pre lang="rails"><code> class UsersController < ApiController
before_action :disable_terms_redirect, :only => [:details]
+
+ before_action -> { authorize_if_got_token! :read }, :only => [:details]
+
before_action :authorize, :only => [:details, :gpx_files]
</code></pre>
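Review bot: the order of the two filters on <code>:details</code> leaves it unclear what happens once a token has passed the scope check. <code>authorize_if_got_token! :read</code> runs first, but <code>before_action :authorize</code> still runs afterwards for the same action, and nothing in this hunk shows that <code>authorize</code> accepts a request authenticated only by a doorkeeper token. Either have <code>authorize</code> return early when a checked <code>doorkeeper_token</code> is present, or add a comment stating that it already does. Request tests for <code>details</code> with a token lacking the <code>read</code> scope and with an expired token would pin the behaviour down.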
<p>app/controllers/api_controller.rb:</p>
<p>Some ideas taken from <a href="https://github.com/tootsuite/mastodon/blob/master/app/controllers/api/base_controller.rb#L114">https://github.com/tootsuite/mastodon/blob/master/app/controllers/api/base_controller.rb#L114</a>. It's not clear if this is a reasonable approach. Additional methods are only relevant for API endpoints.</p>
<pre><code>+ # Find the user that owns the access token
+ def current_user
+ if doorkeeper_token
+ User.find(doorkeeper_token.resource_owner_id)
+ else
+ super
+ end
+ end
+
+ def current_resource_owner
+ @current_user ||= User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
+ end
+
+ def authorize_if_got_token!(*scopes)
+ doorkeeper_authorize!(*scopes) if doorkeeper_token
+ end
end
</code></pre>
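Review bot: <code>current_user</code> resolves the user whenever <code>doorkeeper_token</code> is present, with no check in the method itself that the token is still acceptable (unexpired, not revoked, carrying the required scope), so it is only safe on actions where <code>authorize_if_got_token!</code> has already run. Guard on the token's validity inside the method, or document that dependency next to it. Also, <code>current_user</code> and <code>current_resource_owner</code> duplicate the same lookup, only the second is memoised (into <code>@current_user</code>), and <code>User.find</code> raises if <code>resource_owner_id</code> is nil or the user no longer exists; a single memoised method using <code>find_by</code> would cover both.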
<p>app/models/user.rb:</p>
<p>(changes were described on some of the doorkeeper wiki pages mentioned earlier on)</p>
<pre><code> has_many :reports
+
+ has_many :access_grants, class_name: "Doorkeeper::AccessGrant",
+ foreign_key: :resource_owner_id,
+ dependent: :delete_all
+
+ has_many :access_tokens, class_name: "Doorkeeper::AccessToken",
+ foreign_key: :resource_owner_id,
+ dependent: :delete_all
+
+ has_many :oauth_applications, class_name: 'Doorkeeper::Application', as: :owner
</code></pre>
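Review bot: <code>oauth_applications</code> has no <code>dependent:</code> option, unlike <code>access_grants</code> and <code>access_tokens</code> above it, so applications owned by a removed user would be left pointing at a missing owner. Decide what should happen to them (for example <code>dependent: :destroy</code>) and state it on the association. The quoting also switches to single quotes on that line only.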
<p>config/routes.rb:</p>
<p>Use /oauth2/... to avoid interference with current oauth/ endpoints</p>
<pre><code> OpenStreetMap::Application.routes.draw do
+ use_doorkeeper :scope => 'oauth2'
+
# API
</code></pre>
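Review bot: <code>use_doorkeeper</code> is called without a block, which mounts every default doorkeeper route under <code>/oauth2</code>, including the application management pages. Until <code>admin_authenticator</code> has a real implementation, limit the mounted controllers in a block (doorkeeper's <code>skip_controllers</code>) or add a comment saying which of these routes are meant to be reachable.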
<p>doorkeeper.rb needs at least a custom implementation for:</p>
<ul>
<li>resource_owner_authenticator:</li>
<li>admin_authenticator</li>
</ul>