Class: ADAL::CachedTokenResponse

Inherits:

Object

• Object
• ADAL::CachedTokenResponse

Defined in:

lib/adal/cached_token_response.rb

Overview

Proxy object for a token response with metadata.

Instance Attribute Summary

• #authority ⇒ Object readonly

  Returns the value of attribute authority.

• #client_id ⇒ Object readonly

  Returns the value of attribute client_id.

• #token_response ⇒ Object readonly

  Returns the value of attribute token_response.

Class Method Summary

• .from_json(json) ⇒ Object

  Reconstructs an object from JSON that was serialized with CachedTokenResponse#to_json.

Instance Method Summary

• #==(other) ⇒ Object

  Since the token cache may be implemented by the user of this library, all means of checking equality must be consistent.

• #can_refresh?(other) ⇒ Boolean

  Determines if self can be used to refresh other.

• #eql?(other) ⇒ Boolean
• #hash ⇒ Object
• #initialize(client, authority, token_response) ⇒ CachedTokenResponse constructor

  Constructs a new CachedTokenResponse.

• #mrrt? ⇒ Boolean

  Is the token a Multi Resource Refresh Token?.

• #refresh(new_resource = resource) ⇒ Object

  Attempts to refresh the access token for a given resource.

• #refresh_token=(token) ⇒ Object

  Changes the refresh token of the underlying token response.

• #to_json(_ = nil) ⇒ Object

  Converts the fields in this object and its proxied SuccessResponse into a JSON string.

• #validate(expiration_buffer_sec = 0) ⇒ Object

  If the access token is within the expiration buffer of expiring, an attempt will be made to retrieve a new token with the refresh token.

Constructor Details

#initialize(client, authority, token_response) ⇒ CachedTokenResponse

Constructs a new CachedTokenResponse.

Parameters:

• ClientCredential|ClientAssertion|ClientAssertionCertificate —

  The credentials of the calling client application.

• Authority —

  authority The ADAL::Authority object that the response was retrieved from.

• SuccessResponse —

  token_response The token response to be cached.

# File 'lib/adal/cached_token_response.rb', line 39

def initialize(client, authority, token_response)
  unless token_response.instance_of? SuccessResponse
    fail ArgumentError, 'Only SuccessResponses can be cached.'
  end
  @authority = authority
  if client.respond_to? :client_id
    @client = client
    @client_id = client.client_id
  else
    @client = ClientCredential.new(client)
    @client_id = client
  end
  @token_response = token_response
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(method, *args, &block) ⇒ Object (private)

CachedTokenResponse is just a proxy for TokenResponse.

# File 'lib/adal/cached_token_response.rb', line 178

def method_missing(method, *args, &block)
  if token_response.respond_to?(method)
    token_response.send(method, *args, &block)
  else
    super(method)
  end
end

Instance Attribute Details

#authority ⇒ Object (readonly)

Returns the value of attribute authority.

# File 'lib/adal/cached_token_response.rb', line 26

def authority
  @authority
end

#client_id ⇒ Object (readonly)

Returns the value of attribute client_id.

# File 'lib/adal/cached_token_response.rb', line 27

def client_id
  @client_id
end

#token_response ⇒ Object (readonly)

Returns the value of attribute token_response.

# File 'lib/adal/cached_token_response.rb', line 28

def token_response
  @token_response
end

Class Method Details

.from_json(json) ⇒ Object

Reconstructs an object from JSON that was serialized with CachedTokenResponse#to_json.

Parameters:

• JSON —

  raw_json

Returns:

• CachedTokenResponse

# File 'lib/adal/cached_token_response.rb', line 73

def self.from_json(json)
  json = JSON.parse(json) if json.instance_of? String
  CachedTokenResponse.new(json['client_id'],
                          Authority.new(*json['authority']),
                          SuccessResponse.new(json['token_response']))
end

Instance Method Details

#==(other) ⇒ Object

Since the token cache may be implemented by the user of this library, all means of checking equality must be consistent.

# File 'lib/adal/cached_token_response.rb', line 161

def ==(other)
  [:authority, :client_id, :token_response].all? do |field|
    (other.respond_to? field) && (send(field) == other.send(field))
  end
end

#can_refresh?(other) ⇒ Boolean

Determines if self can be used to refresh other.

Parameters:

• CachedTokenResponse —

  other

Returns:

• (Boolean) —

  Boolean

# File 'lib/adal/cached_token_response.rb', line 85

def can_refresh?(other)
  mrrt? && (authority == other.authority) &&
    (user_info == other.user_info) && (client_id == other.client_id)
end

#eql?(other) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/adal/cached_token_response.rb', line 167

def eql?(other)
  self == other
end

#hash ⇒ Object

# File 'lib/adal/cached_token_response.rb', line 171

def hash
  [authority, client_id, token_response].hash
end

#mrrt? ⇒ Boolean

Is the token a Multi Resource Refresh Token?

Returns:

• (Boolean) —

  Boolean

# File 'lib/adal/cached_token_response.rb', line 154

def mrrt?
  token_response.refresh_token && token_response.resource
end

#refresh(new_resource = resource) ⇒ Object

Attempts to refresh the access token for a given resource. Note that you can call this method with a different resource even if the token is not an MRRT, but it will fail

Parameters:

• String —

  resource The resource that the new access token is beign requested for. Defaults to using the same resource as the original token.

Returns:

• TokenResponse

# File 'lib/adal/cached_token_response.rb', line 131

def refresh(new_resource = resource)
  token_response = TokenRequest
                   .new(authority, @client)
                   .get_with_refresh_token(refresh_token, new_resource)
  if token_response.instance_of? SuccessResponse
    token_response.parse_id_token(id_token)
  end
  token_response
end

#refresh_token=(token) ⇒ Object

Changes the refresh token of the underlying token response.

Parameters:

• String —

  token

# File 'lib/adal/cached_token_response.rb', line 145

def refresh_token=(token)
  token_response.instance_variable_set(:@refresh_token, token)
  logger.verbose("Updated the refresh token for #{token_response}.")
end

#to_json(_ = nil) ⇒ Object

Converts the fields in this object and its proxied SuccessResponse into a JSON string.

Parameters:

• JSON::Ext::Generator::State —

  We don’t care about the state, but JSON::unparse requires this.

Returns:

• String

# File 'lib/adal/cached_token_response.rb', line 61

def to_json(_ = nil)
  JSON.unparse(authority: [authority.host, authority.tenant],
               client_id: client_id,
               token_response: token_response)
end

#validate(expiration_buffer_sec = 0) ⇒ Object

If the access token is within the expiration buffer of expiring, an attempt will be made to retrieve a new token with the refresh token.

Parameters:

• Fixnum —

  expiration_buffer_sec The number of seconds to use as leeway in determining if the token is expired. A positive buffer will refresh the token early while a negative buffer will refresh it late. Used to counter clock skew and network latency.

Returns:

• Boolean True if the token is still valid (even if it was refreshed). False if the token is expired an unable to be refreshed.

# File 'lib/adal/cached_token_response.rb', line 102

def validate(expiration_buffer_sec = 0)
  return true if (Time.now + expiration_buffer_sec).to_i < expires_on
  unless refresh_token
    logger.verbose('Cached token is almost expired but no refresh token ' \
                   'is available.')
    return false
  end
  logger.verbose('Cached token is almost expired, attempting to refresh ' \
                 ' with refresh token.')
  refresh_response = refresh
  if refresh_response.instance_of? SuccessResponse
    logger.verbose('Successfully refreshed token in cache.')
    @token_response = refresh_response
    true
  else
    logger.warn('Failed to refresh token in cache with refresh token.')
    false
  end
end