Class: Rack::OAuth2::Server::Client

Inherits:

Object

• Object
• Rack::OAuth2::Server::Client

Defined in:

lib/rack/oauth2/models/client.rb

Instance Attribute Summary

• #_id ⇒ Object (also: #id) readonly

  Client identifier.

• #created_at ⇒ Object readonly

  Does what it says on the label.

• #display_name ⇒ Object readonly

  User see this.

• #image_url ⇒ Object readonly

  Preferred image URL for this icon.

• #link ⇒ Object readonly

  Link to client’s Web site.

• #notes ⇒ Object readonly

  Free form fields for internal use.

• #redirect_uri ⇒ Object readonly

  Redirect URL.

• #revoked ⇒ Object

  Timestamp if revoked.

• #scope ⇒ Object readonly

  List of scope the client is allowed to request.

• #secret ⇒ Object readonly

  Client secret: random, long, and hexy.

• #tokens_granted ⇒ Object readonly

  Counts how many access tokens were granted.

• #tokens_revoked ⇒ Object readonly

  Counts how many access tokens were revoked.

Class Method Summary

• .all ⇒ Object

  Returns all the clients in the database, sorted alphabetically.

• .collection ⇒ Object
• .create(args) ⇒ Object

  Create a new client.

• .delete(client_id) ⇒ Object

  Deletes client with given identifier (also, all related records).

• .find(client_id) ⇒ Object

  Authenticate a client request.

• .lookup(field) ⇒ Object

  Lookup client by ID, display name or URL.

Instance Method Summary

• #revoke! ⇒ Object

  Revoke all authorization requests, access grants and access tokens for this client.

• #update(args) ⇒ Object

Instance Attribute Details

#_id ⇒ Object (readonly) Also known as: id

Client identifier.

# File 'lib/rack/oauth2/models/client.rb', line 75

def _id
  @_id
end

#created_at ⇒ Object (readonly)

Does what it says on the label.

# File 'lib/rack/oauth2/models/client.rb', line 93

def created_at
  @created_at
end

#display_name ⇒ Object (readonly)

User see this.

# File 'lib/rack/oauth2/models/client.rb', line 80

def display_name
  @display_name
end

#image_url ⇒ Object (readonly)

Preferred image URL for this icon.

# File 'lib/rack/oauth2/models/client.rb', line 84

def image_url
  @image_url
end

#link ⇒ Object (readonly)

Link to client’s Web site.

# File 'lib/rack/oauth2/models/client.rb', line 82

def link
  @link
end

#notes ⇒ Object (readonly)

Free form fields for internal use.

# File 'lib/rack/oauth2/models/client.rb', line 91

def notes
  @notes
end

#redirect_uri ⇒ Object (readonly)

Redirect URL. Supplied by the client if they want to restrict redirect URLs (better security).

# File 'lib/rack/oauth2/models/client.rb', line 87

def redirect_uri
  @redirect_uri
end

#revoked ⇒ Object

Timestamp if revoked.

# File 'lib/rack/oauth2/models/client.rb', line 95

def revoked
  @revoked
end

#scope ⇒ Object (readonly)

List of scope the client is allowed to request.

# File 'lib/rack/oauth2/models/client.rb', line 89

def scope
  @scope
end

#secret ⇒ Object (readonly)

Client secret: random, long, and hexy.

# File 'lib/rack/oauth2/models/client.rb', line 78

def secret
  @secret
end

#tokens_granted ⇒ Object (readonly)

Counts how many access tokens were granted.

# File 'lib/rack/oauth2/models/client.rb', line 97

def tokens_granted
  @tokens_granted
end

#tokens_revoked ⇒ Object (readonly)

Counts how many access tokens were revoked.

# File 'lib/rack/oauth2/models/client.rb', line 99

def tokens_revoked
  @tokens_revoked
end

Class Method Details

.all ⇒ Object

Returns all the clients in the database, sorted alphabetically.

# File 'lib/rack/oauth2/models/client.rb', line 54

def all
  collection.find({}, { :sort=>[[:display_name, Mongo::ASCENDING]] }).
    map { |fields| Server.new_instance self, fields }
end

.collection ⇒ Object

# File 'lib/rack/oauth2/models/client.rb', line 68

def collection
  prefix = Server.options[:collection_prefix]
  Server.database["#{prefix}.clients"]
end

.create(args) ⇒ Object

Create a new client. Client provides the following properties: # :display_name – Name to show (e.g. UberClient) # :link – Link to client Web site (e.g. uberclient.dot) # :image_url – URL of image to show alongside display name # :redirect_uri – Registered redirect URI. # :scope – List of names the client is allowed to request. # :notes – Free form text.

This method does not validate any of these fields, in fact, you’re not required to set them, use them, or use them as suggested. Using them as suggested would result in better user experience. Don’t ask how we learned that.

# File 'lib/rack/oauth2/models/client.rb', line 28

def create(args)
  redirect_uri = Server::Utils.parse_redirect_uri(args[:redirect_uri]).to_s if args[:redirect_uri]
  scope = Server::Utils.normalize_scope(args[:scope])
  fields =  { :display_name=>args[:display_name], :link=>args[:link],
              :image_url=>args[:image_url], :redirect_uri=>redirect_uri,
              :notes=>args[:notes].to_s, :scope=>scope,
              :created_at=>Time.now.to_i, :revoked=>nil }
  if args[:id] && args[:secret]
    fields[:_id], fields[:secret] = BSON::ObjectId(args[:id].to_s), args[:secret]
    collection.insert(fields, :safe=>true)
  else
    fields[:secret] = Server.secure_random
    fields[:_id] = collection.insert(fields)
  end
  Server.new_instance self, fields
end

.delete(client_id) ⇒ Object

Deletes client with given identifier (also, all related records).

# File 'lib/rack/oauth2/models/client.rb', line 60

def delete(client_id)
  id = BSON::ObjectId(client_id.to_s)
  Client.collection.remove({ :_id=>id })
  AuthRequest.collection.remove({ :client_id=>id })
  AccessGrant.collection.remove({ :client_id=>id })
  AccessToken.collection.remove({ :client_id=>id })
end

.find(client_id) ⇒ Object

Authenticate a client request. This method takes three arguments, Find Client from client identifier.

# File 'lib/rack/oauth2/models/client.rb', line 10

def find(client_id)
  id = BSON::ObjectId(client_id.to_s)
  Server.new_instance self, collection.find_one(id)
rescue BSON::InvalidObjectId
end

.lookup(field) ⇒ Object

Lookup client by ID, display name or URL.

# File 'lib/rack/oauth2/models/client.rb', line 46

def lookup(field)
  id = BSON::ObjectId(field.to_s)
  Server.new_instance self, collection.find_one(id)
rescue BSON::InvalidObjectId
  Server.new_instance self, collection.find_one({ :display_name=>field }) || collection.find_one({ :link=>field })
end

Instance Method Details

#revoke! ⇒ Object

Revoke all authorization requests, access grants and access tokens for this client. Ward off the evil.

# File 'lib/rack/oauth2/models/client.rb', line 103

def revoke!
  self.revoked = Time.now.to_i
  Client.collection.update({ :_id=>id }, { :$set=>{ :revoked=>revoked } })
  AuthRequest.collection.update({ :client_id=>id }, { :$set=>{ :revoked=>revoked } })
  AccessGrant.collection.update({ :client_id=>id }, { :$set=>{ :revoked=>revoked } })
  AccessToken.collection.update({ :client_id=>id }, { :$set=>{ :revoked=>revoked } })
end

#update(args) ⇒ Object

# File 'lib/rack/oauth2/models/client.rb', line 111

def update(args)
  fields = [:display_name, :link, :image_url, :notes].inject({}) { |h,k| v = args[k]; h[k] = v if v; h }
  fields[:redirect_uri] = Server::Utils.parse_redirect_uri(args[:redirect_uri]).to_s if args[:redirect_uri]
  fields[:scope] = Server::Utils.normalize_scope(args[:scope])
  self.class.collection.update({ :_id=>id }, { :$set=>fields })
  self.class.find(id)
end