Module: DoorkeeperMongodb::Mixins::Mongoid::AccessTokenMixin::ClassMethods

Defined in:
lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb

Instance Method Summary collapse

Instance Method Details

#authorized_tokens_for(application_id, resource_owner) ⇒ Doorkeeper::AccessToken

Looking for not revoked Access Token records that belongs to specific Application and Resource Owner.

Parameters:

  • application_id (Integer)

    ID of the Application model instance

  • resource_owner (Mongoid::Document)

    ID of the Resource Owner model instance

Returns:



249
250
251
252
253
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 249

def authorized_tokens_for(application_id, resource_owner)
  send(order_method, created_at_desc)
    .by_resource_owner(resource_owner)
    .where(application_id: application_id, revoked_at: nil)
end

#by_previous_refresh_token(previous_refresh_token) ⇒ Object 



98
99
100
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 98

def by_previous_refresh_token(previous_refresh_token)
  where(refresh_token: previous_refresh_token).first
end

#by_refresh_token(refresh_token) ⇒ Doorkeeper::AccessToken?

Returns an instance of the Doorkeeper::AccessToken with specific token value.

Parameters:

  • refresh_token (#to_s)

    refresh token value (any object that responds to ‘#to_s`)

Returns:



80
81
82
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 80

def by_refresh_token(refresh_token)
  find_by_plaintext_token(:refresh_token, refresh_token)
end

#by_token(token) ⇒ Doorkeeper::AccessToken?

Returns an instance of the Doorkeeper::AccessToken with specific token value.

Parameters:

  • token (#to_s)

    token value (any object that responds to ‘#to_s`)

Returns:



67
68
69
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 67

def by_token(token)
  find_by_plaintext_token(:token, token)
end

#create_for(application:, resource_owner:, scopes:, **token_attributes) ⇒ Doorkeeper::AccessToken

Creates a not expired AccessToken record with a matching set of scopes that belongs to specific Application and Resource Owner.

Parameters:

  • application (Doorkeeper::Application)

    Application instance

  • resource_owner (Mongoid::Document, Integer)

    Resource Owner model instance or it’s ID

  • scopes (#to_s)

    set of scopes (any object that responds to ‘#to_s`)

  • token_attributes (Hash)

    Additional attributes to use when creating a token

Options Hash (**token_attributes):

  • :expires_in (Integer)

    token lifetime in seconds

  • :use_refresh_token (Boolean)

    whether to use the refresh token

Returns:



226
227
228
229
230
231
232
233
234
235
236
237
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 226

def create_for(application:, resource_owner:, scopes:, **token_attributes)
  token_attributes[:application_id] = application&.id
  token_attributes[:scopes] = scopes.to_s

  if Doorkeeper.configuration.try(:polymorphic_resource_owner?)
    token_attributes[:resource_owner] = resource_owner
  else
    token_attributes[:resource_owner_id] = resource_owner_id_for(resource_owner)
  end

  create!(token_attributes)
end

#fallback_secret_strategyObject 



274
275
276
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 274

def fallback_secret_strategy
  ::Doorkeeper.configuration.token_secret_fallback_strategy
end

#find_access_token_in_batches(relation, *_args, &block) ⇒ Object 



120
121
122
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 120

def find_access_token_in_batches(relation, *_args, &block)
  relation.all.each(&block)
end

#find_matching_token(relation, application, scopes) ⇒ Object 



124
125
126
127
128
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 124

def find_matching_token(relation, application, scopes)
  relation.detect do |token|
    scopes_match?(token.scopes, scopes, application.try(:scopes))
  end
end

#find_or_create_for(*args) ⇒ Doorkeeper::AccessToken

Looking for not expired AccessToken record with a matching set of scopes that belongs to specific Application and Resource Owner. If it doesn’t exists - then creates it.

Parameters:

  • application (Doorkeeper::Application)

    Application instance

  • resource_owner (Mongoid::Document, Integer)

    Resource Owner model instance or it’s ID

  • scopes (#to_s)

    set of scopes (any object that responds to ‘#to_s`)

  • expires_in (Integer)

    token lifetime in seconds

  • use_refresh_token (Boolean)

    whether to use the refresh token

Returns:



173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 173

def find_or_create_for(*args)
  # [NOTE]: For backward compatibility with Doorkeeper < 5.4
  attributes = if args.size > 1
                 {
                   application: args[0],
                   resource_owner: args[1],
                   scopes: args[2],
                   expires_in: args[3],
                   use_refresh_token: args[4],
                 }
               else
                 args.first
               end

  application = attributes[:application]
  resource_owner = attributes[:resource_owner]
  scopes = attributes[:scopes]
  expires_in = attributes[:expires_in]
  use_refresh_token = attributes[:use_refresh_token]

  if Doorkeeper.configuration.reuse_access_token
    access_token = matching_token_for(application, resource_owner, scopes)

    return access_token if access_token&.reusable?
  end

  create_for(
    application: application,
    resource_owner: resource_owner,
    scopes: scopes,
    expires_in: expires_in,
    use_refresh_token: use_refresh_token,
  )
end

#last_authorized_token_for(application_id, resource_owner) ⇒ Doorkeeper::AccessToken?

Convenience method for backwards-compatibility, return the last matching token for the given Application and Resource Owner.

Parameters:

  • application_id (Integer)

    ID of the Application model instance

  • resource_owner (Mongoid::Document, Integer)

    ID of the Resource Owner model instance

Returns:



266
267
268
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 266

def last_authorized_token_for(application_id, resource_owner)
  authorized_tokens_for(application_id, resource_owner).first
end

#matching_token_for(application, resource_owner, scopes) ⇒ Doorkeeper::AccessToken?

Looking for not revoked Access Token with a matching set of scopes that belongs to specific Application and Resource Owner.

Parameters:

  • application (Doorkeeper::Application)

    Application instance

  • resource_owner (Mongoid::Document, Integer)

    Resource Owner model instance or it’s ID

  • scopes (String, Doorkeeper::OAuth::Scopes)

    set of scopes

Returns:



115
116
117
118
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 115

def matching_token_for(application, resource_owner, scopes)
  tokens = authorized_tokens_for(application&.id, resource_owner)
  find_matching_token(tokens, application, scopes)
end

#revoke_all_for(application_id, resource_owner, clock = Time) ⇒ Object

Revokes AccessToken records that have not been revoked and associated with the specific Application and Resource Owner.

Parameters:

  • application_id (Integer)

    ID of the Application

  • resource_owner (Mongoid::Document)

    instance of the Resource Owner model



92
93
94
95
96
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 92

def revoke_all_for(application_id, resource_owner, clock = Time)
  by_resource_owner(resource_owner)
    .where(application_id: application_id, revoked_at: nil)
    .update_all(revoked_at: clock.now.utc)
end

#scopes_match?(token_scopes, param_scopes, app_scopes) ⇒ Boolean

Checks whether the token scopes match the scopes from the parameters or Application scopes (if present).

Parameters:

  • token_scopes (#to_s)

    set of scopes (any object that responds to ‘#to_s`)

  • param_scopes (Doorkeeper::OAuth::Scopes)

    scopes from params

  • app_scopes (Doorkeeper::OAuth::Scopes)

    Application scopes

Returns:

  • (Boolean)

    true if the param scopes match the token scopes, and all the param scopes are defined in the application (or in the server configuration if the application doesn’t define any scopes), and false in other cases



145
146
147
148
149
150
151
152
153
154
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 145

def scopes_match?(token_scopes, param_scopes, app_scopes)
  return true if token_scopes.empty? && param_scopes.empty?

  (token_scopes.sort == param_scopes.sort) &&
    Doorkeeper::OAuth::Helpers::ScopeChecker.valid?(
      scope_str: param_scopes.to_s,
      server_scopes: Doorkeeper.configuration.scopes,
      app_scopes: app_scopes,
    )
end

#secret_strategyObject 



270
271
272
 
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 270

def secret_strategy
  ::Doorkeeper.configuration.token_secret_strategy
end