Module: DoorkeeperMongodb::Mixins::Mongoid::AccessTokenMixin::ClassMethods

Defined in:
lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb

Instance Method Summary collapse

Instance Method Details

#authorized_tokens_for(application_id, resource_owner) ⇒ Doorkeeper::AccessToken

Looking for not revoked Access Token records that belongs to specific Application and Resource Owner.

Parameters:

  • application_id (Integer)

    ID of the Application model instance

  • resource_owner (Mongoid::Document)

    ID of the Resource Owner model instance

Returns:



248
249
250
251
252
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 248

def authorized_tokens_for(application_id, resource_owner)
  send(order_method, created_at_desc)
    .by_resource_owner(resource_owner)
    .where(application_id: application_id, revoked_at: nil)
end

#by_previous_refresh_token(previous_refresh_token) ⇒ Object 



97
98
99
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 97

def by_previous_refresh_token(previous_refresh_token)
  where(refresh_token: previous_refresh_token).first
end

#by_refresh_token(refresh_token) ⇒ Doorkeeper::AccessToken?

Returns an instance of the Doorkeeper::AccessToken with specific token value.

Parameters:

  • refresh_token (#to_s)

    refresh token value (any object that responds to ‘#to_s`)

Returns:



79
80
81
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 79

def by_refresh_token(refresh_token)
  find_by_plaintext_token(:refresh_token, refresh_token)
end

#by_token(token) ⇒ Doorkeeper::AccessToken?

Returns an instance of the Doorkeeper::AccessToken with specific token value.

Parameters:

  • token (#to_s)

    token value (any object that responds to ‘#to_s`)

Returns:



66
67
68
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 66

def by_token(token)
  find_by_plaintext_token(:token, token)
end

#create_for(application:, resource_owner:, scopes:, **token_attributes) ⇒ Doorkeeper::AccessToken

Creates a not expired AccessToken record with a matching set of scopes that belongs to specific Application and Resource Owner.

Parameters:

  • application (Doorkeeper::Application)

    Application instance

  • resource_owner (Mongoid::Document, Integer)

    Resource Owner model instance or it’s ID

  • scopes (#to_s)

    set of scopes (any object that responds to ‘#to_s`)

  • token_attributes (Hash)

    Additional attributes to use when creating a token

Options Hash (**token_attributes):

  • :expires_in (Integer)

    token lifetime in seconds

  • :use_refresh_token (Boolean)

    whether to use the refresh token

Returns:



225
226
227
228
229
230
231
232
233
234
235
236
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 225

def create_for(application:, resource_owner:, scopes:, **token_attributes)
  token_attributes[:application_id] = application&.id
  token_attributes[:scopes] = scopes.to_s

  if Doorkeeper.configuration.try(:polymorphic_resource_owner?)
    token_attributes[:resource_owner] = resource_owner
  else
    token_attributes[:resource_owner_id] = resource_owner_id_for(resource_owner)
  end

  create!(token_attributes)
end

#fallback_secret_strategyObject 



273
274
275
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 273

def fallback_secret_strategy
  ::Doorkeeper.configuration.token_secret_fallback_strategy
end

#find_access_token_in_batches(relation, *_args, &block) ⇒ Object 



119
120
121
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 119

def find_access_token_in_batches(relation, *_args, &block)
  relation.all.each(&block)
end

#find_matching_token(relation, application, scopes) ⇒ Object 



123
124
125
126
127
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 123

def find_matching_token(relation, application, scopes)
  relation.detect do |token|
    scopes_match?(token.scopes, scopes, application.try(:scopes))
  end
end

#find_or_create_for(*args) ⇒ Doorkeeper::AccessToken

Looking for not expired AccessToken record with a matching set of scopes that belongs to specific Application and Resource Owner. If it doesn’t exists - then creates it.

Parameters:

  • application (Doorkeeper::Application)

    Application instance

  • resource_owner (Mongoid::Document, Integer)

    Resource Owner model instance or it’s ID

  • scopes (#to_s)

    set of scopes (any object that responds to ‘#to_s`)

  • expires_in (Integer)

    token lifetime in seconds

  • use_refresh_token (Boolean)

    whether to use the refresh token

Returns:



172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 172

def find_or_create_for(*args)
  # [NOTE]: For backward compatibility with Doorkeeper < 5.4
  attributes = if args.size > 1
                 {
                   application: args[0],
                   resource_owner: args[1],
                   scopes: args[2],
                   expires_in: args[3],
                   use_refresh_token: args[4],
                 }
               else
                 args.first
               end

  application = attributes[:application]
  resource_owner = attributes[:resource_owner]
  scopes = attributes[:scopes]
  expires_in = attributes[:expires_in]
  use_refresh_token = attributes[:use_refresh_token]

  if Doorkeeper.configuration.reuse_access_token
    access_token = matching_token_for(application, resource_owner, scopes)

    return access_token if access_token&.reusable?
  end

  create_for(
    application: application,
    resource_owner: resource_owner,
    scopes: scopes,
    expires_in: expires_in,
    use_refresh_token: use_refresh_token,
  )
end

#last_authorized_token_for(application_id, resource_owner) ⇒ Doorkeeper::AccessToken?

Convenience method for backwards-compatibility, return the last matching token for the given Application and Resource Owner.

Parameters:

  • application_id (Integer)

    ID of the Application model instance

  • resource_owner (Mongoid::Document, Integer)

    ID of the Resource Owner model instance

Returns:



265
266
267
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 265

def last_authorized_token_for(application_id, resource_owner)
  authorized_tokens_for(application_id, resource_owner).first
end

#matching_token_for(application, resource_owner, scopes) ⇒ Doorkeeper::AccessToken?

Looking for not revoked Access Token with a matching set of scopes that belongs to specific Application and Resource Owner.

Parameters:

  • application (Doorkeeper::Application)

    Application instance

  • resource_owner (Mongoid::Document, Integer)

    Resource Owner model instance or it’s ID

  • scopes (String, Doorkeeper::OAuth::Scopes)

    set of scopes

Returns:



114
115
116
117
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 114

def matching_token_for(application, resource_owner, scopes)
  tokens = authorized_tokens_for(application&.id, resource_owner)
  find_matching_token(tokens, application, scopes)
end

#revoke_all_for(application_id, resource_owner, clock = Time) ⇒ Object

Revokes AccessToken records that have not been revoked and associated with the specific Application and Resource Owner.

Parameters:

  • application_id (Integer)

    ID of the Application

  • resource_owner (Mongoid::Document)

    instance of the Resource Owner model



91
92
93
94
95
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 91

def revoke_all_for(application_id, resource_owner, clock = Time)
  by_resource_owner(resource_owner)
    .where(application_id: application_id, revoked_at: nil)
    .update_all(revoked_at: clock.now.utc)
end

#scopes_match?(token_scopes, param_scopes, app_scopes) ⇒ Boolean

Checks whether the token scopes match the scopes from the parameters or Application scopes (if present).

Parameters:

  • token_scopes (#to_s)

    set of scopes (any object that responds to ‘#to_s`)

  • param_scopes (Doorkeeper::OAuth::Scopes)

    scopes from params

  • app_scopes (Doorkeeper::OAuth::Scopes)

    Application scopes

Returns:

  • (Boolean)

    true if the param scopes match the token scopes, and all the param scopes are defined in the application (or in the server configuration if the application doesn’t define any scopes), and false in other cases



144
145
146
147
148
149
150
151
152
153
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 144

def scopes_match?(token_scopes, param_scopes, app_scopes)
  return true if token_scopes.empty? && param_scopes.empty?

  (token_scopes.sort == param_scopes.sort) &&
    Doorkeeper::OAuth::Helpers::ScopeChecker.valid?(
      scope_str: param_scopes.to_s,
      server_scopes: Doorkeeper.configuration.scopes,
      app_scopes: app_scopes,
    )
end

#secret_strategyObject 



269
270
271
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 269

def secret_strategy
  ::Doorkeeper.configuration.token_secret_strategy
end