Class: ADAL::TokenRequest

Inherits:
Object
Includes:
Logging, RequestParameters
Defined in:
lib/adal/token_request.rb

Overview

A request for a token that may be fulfilled by a cache or an OAuthRequest to a token endpoint.

Defined Under Namespace

Modules: GrantType

Classes: UserCredentialError

Constant Summary

Constants included from RequestParameters

RequestParameters::AAD_API_VERSION, RequestParameters::ASSERTION, RequestParameters::CLIENT_ASSERTION, RequestParameters::CLIENT_ASSERTION_TYPE, RequestParameters::CLIENT_ID, RequestParameters::CLIENT_REQUEST_ID, RequestParameters::CLIENT_RETURN_CLIENT_REQUEST_ID, RequestParameters::CLIENT_SECRET, RequestParameters::CODE, RequestParameters::FORM_POST, RequestParameters::GRANT_TYPE, RequestParameters::PASSWORD, RequestParameters::REDIRECT_URI, RequestParameters::REFRESH_TOKEN, RequestParameters::RESOURCE, RequestParameters::SCOPE, RequestParameters::UNIQUE_ID, RequestParameters::USERNAME, RequestParameters::USER_INFO

Constants included from Logging

Logging::DEFAULT_LOG_LEVEL, Logging::DEFAULT_LOG_OUTPUT

Instance Method Summary

Methods included from Logging

#logger

Constructor Details

#initialize(authority, client, token_cache = NoopCache.new) ⇒ TokenRequest

Constructs a TokenRequest.

Parameters:

  • authority (Authority)

    The Authority providing authorization and token endpoints.

  • client (ClientCredential|ClientAssertion|ClientAssertionCertificate)

    Used to identify the client. Provides a request_parameters method that yields the relevant client credential parameters.

  • token_cache (TokenCache)

    Optional token cache; defaults to NoopCache.new.



# File 'lib/adal/token_request.rb', line 66

def initialize(authority, client, token_cache = NoopCache.new)
  @authority = authority
  @cache_driver = CacheDriver.new(authority, client, token_cache)
  @client = client
  @token_cache = token_cache
end

Instance Method Details

#get_for_client(resource) ⇒ Object

Gets a token based solely on the client's credentials that were used to initialize the token request.

Parameters:

  • resource (String)

    The resource for which the requested access token will provide access.

Returns:

  • TokenResponse



# File 'lib/adal/token_request.rb', line 82

def get_for_client(resource)
  logger.verbose("TokenRequest getting token for client for #{resource}.")
  request(GRANT_TYPE => GrantType::CLIENT_CREDENTIALS,
          RESOURCE => resource)
end

#get_with_authorization_code(auth_code, redirect_uri, resource = nil) ⇒ Object

Gets a token based on a previously acquired authentication code.

Parameters:

  • auth_code (String)

    An authentication code that was previously acquired from an authentication endpoint.

  • redirect_uri (String)

    The redirect URI that was passed to the authentication endpoint when the auth code was acquired.

Returns:

  • TokenResponse



# File 'lib/adal/token_request.rb', line 100

def get_with_authorization_code(auth_code, redirect_uri, resource = nil)
  logger.verbose('TokenRequest getting token with authorization code ' \
                 "#{auth_code}, redirect_uri #{redirect_uri} and " \
                 "resource #{resource}.")
  request(CODE => auth_code,
          GRANT_TYPE => GrantType::AUTHORIZATION_CODE,
          REDIRECT_URI => URI.parse(redirect_uri.to_s),
          RESOURCE => resource)
end

#get_with_refresh_token(refresh_token, resource = nil) ⇒ Object

Gets a token based on a previously acquired refresh token.

Parameters:

  • refresh_token (String)

    The refresh token that was previously acquired from a token response.

Returns:

  • TokenResponse



# File 'lib/adal/token_request.rb', line 118

def get_with_refresh_token(refresh_token, resource = nil)
  logger.verbose('TokenRequest getting token with refresh token digest ' \
                 "#{Digest::SHA256.hexdigest refresh_token} and resource " \
                 "#{resource}.")
  request_no_cache(GRANT_TYPE => GrantType::REFRESH_TOKEN,
                   REFRESH_TOKEN => refresh_token,
                   RESOURCE => resource)
end

#get_with_user_credential(user_cred, resource = nil) ⇒ Object

Gets a token based on possessing the user's credentials.

Parameters:

  • user_cred (UserCredential|UserIdentifier)

    Something that can be used to verify the user. Typically a username and password. If it is a UserIdentifier, only the cache will be checked. If a matching token is not there, it will fail.

Returns:

  • TokenResponse



# File 'lib/adal/token_request.rb', line 137

def get_with_user_credential(user_cred, resource = nil)
  logger.verbose('TokenRequest getting token with user credential ' \
                 "#{user_cred} and resource #{resource}.")
  oauth = if user_cred.is_a? UserIdentifier
            lambda do
              fail UserCredentialError,
                   'UserIdentifier can only be used once there is a ' \
                   'matching token in the cache.'
            end
          end || -> {}
  request(user_cred.request_params.merge(RESOURCE => resource), &oauth)
end
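
In the listings above, #get_with_refresh_token writes only a SHA-256 digest of the refresh token to the verbose log, while #get_with_authorization_code and #get_with_user_credential interpolate the authorization code and the user_cred object directly. The following is an added example, not part of the ADAL source, that applies the digest approach to a whole parameter hash before it is logged. The helper names and the parameter strings (standard OAuth 2.0 form field names, assumed to match the RequestParameters constants) are assumptions.

```ruby
require 'digest'
require 'logger'
require 'stringio'

# Assumed wire names for the secret-bearing RequestParameters constants;
# the page lists the constants but not their string values.
DIGESTED_PARAMS = %w[code refresh_token client_assertion assertion].freeze
# A digest of a guessable value can be brute-forced offline, so these are
# dropped from the log line entirely instead of digested.
REDACTED_PARAMS = %w[password client_secret].freeze

# Hypothetical helper: a short SHA-256 digest lets two log lines be
# correlated without exposing a value that could be replayed.
def digest_for_log(secret)
  "sha256:#{Digest::SHA256.hexdigest(secret.to_s)[0, 16]}"
end

# Hypothetical helper: returns a copy of a request-parameter hash that is
# safe to log. Keys such as grant_type, resource and redirect_uri pass through.
def loggable_params(params)
  params.each_with_object({}) do |(key, value), safe|
    name = key.to_s
    safe[name] =
      if value.nil? then nil
      elsif REDACTED_PARAMS.include?(name) then '[REDACTED]'
      elsif DIGESTED_PARAMS.include?(name) then digest_for_log(value)
      else value.to_s
      end
  end
end

# Builds one log line from constructed sample values (not real credentials)
# and returns the text that reached the log sink.
def demo_log_output
  sink = StringIO.new
  log = Logger.new(sink)
  params = { 'grant_type' => 'authorization_code',
             'code' => 'constructed-auth-code-123',
             'redirect_uri' => 'https://app.example/callback',
             'resource' => 'https://graph.example/' }
  log.info("TokenRequest parameters: #{loggable_params(params)}")
  sink.string
end

puts demo_log_output if $PROGRAM_NAME == __FILE__
```
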