X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/1c3a9ee62b7d1a0dc97d52b1a498be1339d49ebf..dc2a2c8ebd1a11e4a64555fda22c6859a51defff:/app/models/request_token.rb

diff --git a/app/models/request_token.rb b/app/models/request_token.rb
index 0044dde26..02f168346 100644
--- a/app/models/request_token.rb
+++ b/app/models/request_token.rb
@@ -1,13 +1,12 @@
 class RequestToken < OauthToken
-
   attr_accessor :provided_oauth_verifier
 
   def authorize!(user)
     return false if authorized?
     self.user = user
     self.authorized_at = Time.now
-    self.verifier = OAuth::Helper.generate_key(16)[0,20] unless oauth10?
-    self.save
+    self.verifier = OAuth::Helper.generate_key(20)[0, 20] unless oauth10?
+    save
   end
 
   def exchange!
@@ -17,9 +16,9 @@ class RequestToken < OauthToken
     RequestToken.transaction do
       params = { :user => user, :client_application => client_application }
       # copy the permissions from the authorised request token to the access token
-      client_application.permissions.each { |p|
+      client_application.permissions.each do |p|
         params[p] = read_attribute(p)
-      }
+      end
 
       access_token = AccessToken.create(params)
       invalidate!
@@ -36,11 +35,10 @@ class RequestToken < OauthToken
   end
 
   def oob?
-    self.callback_url=='oob'
+    callback_url.nil? || callback_url.downcase == "oob"
   end
 
   def oauth10?
-    (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
+    (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && callback_url.blank?
   end
-
 end