Optional oauth on one point

[alexandru-calinoiu]

I have an enpoint that can work both authorized and not authorized, when I don't decorate it with oauth2 I can't seem to be able to get the resource_owner even when I pass the bearer token.

[antek-drzewiecki]

That is true. Resource owner only gets set when an endpoint is authorized.
The scenario where an endpoint can be in both states was not taken account for.

[thedarkside]

i've monkeypatched wine_bouncer 0.3.1 some time ago this way:

module WineBouncer
  class OAuth2 < Grape::Middleware::Base

    #monkeypatch protection behavior. This method shares the given token with the endpoints even if they aren't protected.
    def before
      set_auth_strategy(WineBouncer.configuration.auth_strategy)
      auth_strategy.api_context = context
      #extend the context with auth methods.
      context.extend(WineBouncer::AuthMethods)
      context.protected_endpoint = endpoint_protected?
      self.doorkeeper_request= env # set request for later use.
      doorkeeper_authorize! *auth_scopes if context.protected_endpoint?
      context.doorkeeper_access_token = doorkeeper_token
    end
  end
end

it basically does what you want.
i didn't have time to contribute this as a pull request yet.

[dja]

This monkey patch works, but would love to see this properly considered within the gem. Have you rethought this @antek-drzewiecki?