Module: DoorkeeperMongodb::Mixins::Mongoid::AccessTokenMixin

Extended by:

ActiveSupport::Concern

Includes:

Doorkeeper::Models::Accessible, Doorkeeper::Models::Expirable, Doorkeeper::Models::Reusable, Doorkeeper::Models::Revocable, Doorkeeper::Models::Scopes, Doorkeeper::Models::SecretStorable, Doorkeeper::OAuth::Helpers, Doorkeeper::Orm::Concerns::Mongoid::ResourceOwnerable, BaseMixin, JsonSerializable

Included in:

Doorkeeper::AccessToken

Defined in:

lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary

• #acceptable?(scopes) ⇒ Boolean

  Indicates if token is acceptable for specific scopes.

• #as_json(_options = {}) ⇒ Hash

  JSON representation of the Access Token instance.

• #plaintext_refresh_token ⇒ Object

  We keep a volatile copy of the raw refresh token for initial communication The stored refresh_token may be mapped and not available in cleartext.

• #plaintext_token ⇒ Object

  We keep a volatile copy of the raw token for initial communication The stored refresh_token may be mapped and not available in cleartext.

• #revoke_previous_refresh_token! ⇒ Object

  Revokes token with ‘:refresh_token` equal to `:previous_refresh_token` and clears `:previous_refresh_token` attribute.

• #same_credential?(access_token) ⇒ Boolean

  Indicates whether the token instance have the same credential as the other Access Token.

• #same_resource_owner?(access_token) ⇒ Boolean

  Indicates whether the token instance have the same credential as the other Access Token.

• #token_type ⇒ Object

  Access Token type: Bearer.

• #use_refresh_token? ⇒ Boolean

Instance Method Details

#acceptable?(scopes) ⇒ Boolean

Indicates if token is acceptable for specific scopes.

Parameters:

• scopes (Array<String>) —

  scopes

Returns:

• (Boolean) —

  true if record is accessible and includes scopes or false in other cases

# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 340

def acceptable?(scopes)
  accessible? && includes_scope?(*scopes)
end

#as_json(_options = {}) ⇒ Hash

JSON representation of the Access Token instance.

Returns:

• (Hash) —

  hash with token data

# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 296

def as_json(_options = {})
  {
    resource_owner_id: resource_owner_id,
    scope: scopes,
    expires_in: expires_in_seconds,
    application: { uid: application.try(:uid) },
    created_at: created_at.to_i,
  }
end

#plaintext_refresh_token ⇒ Object

We keep a volatile copy of the raw refresh token for initial communication The stored refresh_token may be mapped and not available in cleartext.

# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 346

def plaintext_refresh_token
  if secret_strategy.allows_restoring_secrets?
    secret_strategy.restore_secret(self, :refresh_token)
  else
    @raw_refresh_token
  end
end

#plaintext_token ⇒ Object

We keep a volatile copy of the raw token for initial communication The stored refresh_token may be mapped and not available in cleartext.

Some strategies allow restoring stored secrets (e.g. symmetric encryption) while hashing strategies do not, so you cannot rely on this value returning a present value for persisted tokens.

# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 360

def plaintext_token
  if secret_strategy.allows_restoring_secrets?
    secret_strategy.restore_secret(self, :token)
  else
    @raw_token
  end
end

#revoke_previous_refresh_token! ⇒ Object

Revokes token with ‘:refresh_token` equal to `:previous_refresh_token` and clears `:previous_refresh_token` attribute.

# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 371

def revoke_previous_refresh_token!
  return if !self.class.refresh_token_revoked_on_use? || previous_refresh_token.blank?

  old_refresh_token&.revoke
  update_attribute(:previous_refresh_token, "")
end

#same_credential?(access_token) ⇒ Boolean

Indicates whether the token instance have the same credential as the other Access Token.

Parameters:

• access_token (Doorkeeper::AccessToken) —

  other token

Returns:

• (Boolean) —

  true if credentials are same of false in other cases

# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 313

def same_credential?(access_token)
  application_id == access_token.application_id &&
    same_resource_owner?(access_token)
end

#same_resource_owner?(access_token) ⇒ Boolean

Indicates whether the token instance have the same credential as the other Access Token.

Parameters:

• access_token (Doorkeeper::AccessToken) —

  other token

Returns:

• (Boolean) —

  true if credentials are same of false in other cases

# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 325

def same_resource_owner?(access_token)
  if Doorkeeper.configuration.try(:polymorphic_resource_owner?)
    resource_owner == access_token.resource_owner
  else
    resource_owner_id == access_token.resource_owner_id
  end
end

#token_type ⇒ Object

Access Token type: Bearer.

See Also:

• The OAuth 2.0 Authorization Framework: Bearer Token Usage

# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 284

def token_type
  "Bearer"
end

#use_refresh_token? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 288

def use_refresh_token?
  @use_refresh_token ||= false
  !!@use_refresh_token
end