Class: OohAuth::Token

Inherits:

Object

• Object
• OohAuth::Token

Includes:

DataMapper::Resource

Defined in:

app/models/token/dm_token.rb

Overview

Token model

A token is a stored authorisation allowing an authenticating client to:

 1. Get a *request key*. This is done by creating an unactivated token belonging to the authenticating client which has a _request key_.
 2. *Request access*. This is done by directing the user to a URL unique to the given request key, presenting them with a form.
    The user must be logged in through direct means in order to grant access.
 3. Getting an *access key* which is a property of the now-activated token.

Class Method Summary

• .authenticate!(consumer_key, access_key) ⇒ Object

  Authenticates a client on behalf of a user given the API parameters sent by the client in the given API request.

• .create_request_key(authenticating_client, expires = 1.hour.since) ⇒ Object

  Tentatively create a request_key for a given client, not yet tied to a user.

• .find_for_user(user) ⇒ Object

  Get all tokens for a single user.

• .get_request_key_for_client(client, request_key) ⇒ Object

  Fetch a request_key given the request_key code.

• .get_token(token) ⇒ Object

Instance Method Summary

• #activate!(with_user, expire_on = nil, permissions = nil) ⇒ Object

  Make this Authentication object active by generating an access key against it.

• #create_secret_if_not_present ⇒ Object
• #create_token_key_if_not_present ⇒ Object

  Assigns a valid, unique request_key to the object if one is not already defined.

• #editable_by_user?(user) ⇒ Boolean

  Returns true if the given user is the owner of this object.

• #generate_token_key! ⇒ Object

  Generates a valid, unique access_key which the client can use to authenticate with in future, and applies it to the object.

• #permissions ⇒ Object

  Returns the permissions for this particular token, or the :default_permissions if not set.

• #permissions_valid? ⇒ Boolean

  Returns true if the set permissions are a valid value according to the keys of the slice’s :client_permission_levels hash.

• #to_hash ⇒ Object

  Transformation - returns a hash representing this object, ready to be converted to XML, JSON or YAML.

• #to_json ⇒ Object
• #to_xml ⇒ Object

  FIXME why is to_xml not available?.

• #to_yaml ⇒ Object
• #user ⇒ Object

  FIXME the relationship helper should be sorting this.

Class Method Details

.authenticate!(consumer_key, access_key) ⇒ Object

Authenticates a client on behalf of a user given the API parameters sent by the client in the given API request. Returns the user on successful authentication, or false in the event of a failure to authenticate. If the user was since deleted, NIL will be returned.

# File 'app/models/token/dm_token.rb', line 45

def self.authenticate!(consumer_key, access_key)
  auth = first('authenticating_client.api_key'=>consumer_key, :token_key=>access_key, :activated=>true, :expires.gt=>DateTime.now)
  return (auth)? auth.user : nil
end

.create_request_key(authenticating_client, expires = 1.hour.since) ⇒ Object

Tentatively create a request_key for a given client, not yet tied to a user.

# File 'app/models/token/dm_token.rb', line 56

def self.create_request_key(authenticating_client, expires=1.hour.since)
  o = new(:authenticating_client=>authenticating_client, :expires=>expires)
  o.save or raise RuntimeError, "OAuth request key failed to save with errors: #{o.errors.inspect}"
  o
end

.find_for_user(user) ⇒ Object

Get all tokens for a single user

# File 'app/models/token/dm_token.rb', line 63

def self.find_for_user(user)
  all :user_id=>user.id
end

.get_request_key_for_client(client, request_key) ⇒ Object

Fetch a request_key given the request_key code

# File 'app/models/token/dm_token.rb', line 68

def self.get_request_key_for_client(client, request_key)
  first :token_key=>request_key, :authenticating_client_id=>client.id, :expires.gt=>DateTime.now, :activated=>false
end

.get_token(token) ⇒ Object

# File 'app/models/token/dm_token.rb', line 72

def self.get_token(token)
  first :token_key=>token
end

Instance Method Details

#activate!(with_user, expire_on = nil, permissions = nil) ⇒ Object

Make this Authentication object active by generating an access key against it. You may optionally specify a new expiry date/time for the access key.

# File 'app/models/token/dm_token.rb', line 78

def activate!(with_user, expire_on=nil, permissions=nil)
  if authenticating_client and with_user
    self.activated = true
    self.expires = (expire_on || 1.year.since)
    self.permissions = (permissions || OohAuth[:default_permissions])
    self.user_id = with_user.id
    generate_token_key!
    return save
  else
    return false
  end
end

#create_secret_if_not_present ⇒ Object

# File 'app/models/token/dm_token.rb', line 102

def create_secret_if_not_present
  self.secret ||= OohAuth::KeyGenerators::Alphanum.gen(30)
end

#create_token_key_if_not_present ⇒ Object

Assigns a valid, unique request_key to the object if one is not already defined.

# File 'app/models/token/dm_token.rb', line 98

def create_token_key_if_not_present
  generate_token_key! if token_key.blank?
end

#editable_by_user?(user) ⇒ Boolean

Returns true if the given user is the owner of this object.

Returns:

• (Boolean)

# File 'app/models/token/dm_token.rb', line 115

def editable_by_user?(user)
  return user.id == user_id
end

#generate_token_key! ⇒ Object

Generates a valid, unique access_key which the client can use to authenticate with in future, and applies it to the object.

# File 'app/models/token/dm_token.rb', line 108

def generate_token_key!
  while (token_key.blank? or self.class.first(:token_key=>token_key)) do
    self.token_key = OohAuth::KeyGenerators::Alphanum.gen(30)
  end
end

#permissions ⇒ Object

Returns the permissions for this particular token, or the :default_permissions if not set.

# File 'app/models/token/dm_token.rb', line 120

def permissions
  attribute_get(:permissions) or OohAuth[:default_permissions]
end

#permissions_valid? ⇒ Boolean

Returns true if the set permissions are a valid value according to the keys of the slice’s :client_permission_levels hash.

Returns:

• (Boolean)

# File 'app/models/token/dm_token.rb', line 125

def permissions_valid?
  OohAuth[:client_permission_levels].keys.include?(permissions.to_sym)
end

#to_hash ⇒ Object

Transformation - returns a hash representing this object, ready to be converted to XML, JSON or YAML.

# File 'app/models/token/dm_token.rb', line 130

def to_hash
  if activated?
    {
      :access_key=>{
        :token=>token_key,
        :secret=>secret,
        :expires=>expires
      }
    }
  else
    {
      :request_key=>{
        :token=>token_key,
        :secret=>secret,
        :expires=>expires
      }
    }      
  end
end

#to_json ⇒ Object

# File 'app/models/token/dm_token.rb', line 151

def to_json;  to_hash.to_json; end

#to_xml ⇒ Object

FIXME why is to_xml not available?

# File 'app/models/token/dm_token.rb', line 150

def to_xml;   (activated?)? "<access-key><token>#{token_key}</token><secret>#{secret}</secret><expires>#{expires}</expires></access-key>" : "<request-key><token>#{token_key}</token><secret>#{secret}</secret><expires>#{expires}</expires></request-key>"; end

#to_yaml ⇒ Object

# File 'app/models/token/dm_token.rb', line 152

def to_yaml;  to_hash.to_yaml; end

#user ⇒ Object

FIXME the relationship helper should be sorting this. Something to do with the variable class.

# File 'app/models/token/dm_token.rb', line 51

def user
  Merb::Authentication.user_class.get(user_id)
end