Module: DoorkeeperMongodb::Mixins::Mongoid::AccessTokenMixin::ClassMethods
- Defined in:
- lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb
Instance Method Summary collapse
-
#authorized_tokens_for(application_id, resource_owner) ⇒ Doorkeeper::AccessToken
Looking for not revoked Access Token records that belongs to specific Application and Resource Owner.
- #by_previous_refresh_token(previous_refresh_token) ⇒ Object
-
#by_refresh_token(refresh_token) ⇒ Doorkeeper::AccessToken?
Returns an instance of the Doorkeeper::AccessToken with specific token value.
-
#by_token(token) ⇒ Doorkeeper::AccessToken?
Returns an instance of the Doorkeeper::AccessToken with specific token value.
-
#create_for(application:, resource_owner:, scopes:, **token_attributes) ⇒ Doorkeeper::AccessToken
Creates a not expired AccessToken record with a matching set of scopes that belongs to specific Application and Resource Owner.
- #fallback_secret_strategy ⇒ Object
- #find_access_token_in_batches(relation, *_args, &block) ⇒ Object
- #find_matching_token(relation, application, scopes) ⇒ Object
-
#find_or_create_for(*args) ⇒ Doorkeeper::AccessToken
Looking for not expired AccessToken record with a matching set of scopes that belongs to specific Application and Resource Owner.
-
#last_authorized_token_for(application_id, resource_owner) ⇒ Doorkeeper::AccessToken?
Convenience method for backwards-compatibility, return the last matching token for the given Application and Resource Owner.
-
#matching_token_for(application, resource_owner, scopes, include_expired: true) ⇒ Doorkeeper::AccessToken?
Looking for not revoked Access Token with a matching set of scopes that belongs to specific Application and Resource Owner.
-
#revoke_all_for(application_id, resource_owner, clock = Time) ⇒ Object
Revokes AccessToken records that have not been revoked and associated with the specific Application and Resource Owner.
-
#scopes_match?(token_scopes, param_scopes, app_scopes) ⇒ Boolean
Checks whether the token scopes match the scopes from the parameters or Application scopes (if present).
- #secret_strategy ⇒ Object
Instance Method Details
#authorized_tokens_for(application_id, resource_owner) ⇒ Doorkeeper::AccessToken
Looking for not revoked Access Token records that belongs to specific Application and Resource Owner.
276 277 278 279 280 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 276 def (application_id, resource_owner) send(order_method, created_at_desc) .by_resource_owner(resource_owner) .where(application_id: application_id, revoked_at: nil) end |
#by_previous_refresh_token(previous_refresh_token) ⇒ Object
119 120 121 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 119 def by_previous_refresh_token(previous_refresh_token) where(refresh_token: previous_refresh_token).first end |
#by_refresh_token(refresh_token) ⇒ Doorkeeper::AccessToken?
Returns an instance of the Doorkeeper::AccessToken with specific token value.
101 102 103 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 101 def by_refresh_token(refresh_token) find_by_plaintext_token(:refresh_token, refresh_token) end |
#by_token(token) ⇒ Doorkeeper::AccessToken?
Returns an instance of the Doorkeeper::AccessToken with specific token value.
88 89 90 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 88 def by_token(token) find_by_plaintext_token(:token, token) end |
#create_for(application:, resource_owner:, scopes:, **token_attributes) ⇒ Doorkeeper::AccessToken
Creates a not expired AccessToken record with a matching set of scopes that belongs to specific Application and Resource Owner.
253 254 255 256 257 258 259 260 261 262 263 264 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 253 def create_for(application:, resource_owner:, scopes:, **token_attributes) token_attributes[:application_id] = application&.id token_attributes[:scopes] = scopes.to_s if Doorkeeper.configuration.try(:polymorphic_resource_owner?) token_attributes[:resource_owner] = resource_owner else token_attributes[:resource_owner_id] = resource_owner_id_for(resource_owner) end create!(token_attributes) end |
#fallback_secret_strategy ⇒ Object
301 302 303 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 301 def fallback_secret_strategy ::Doorkeeper.configuration.token_secret_fallback_strategy end |
#find_access_token_in_batches(relation, *_args, &block) ⇒ Object
142 143 144 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 142 def find_access_token_in_batches(relation, *_args, &block) relation.all.each(&block) end |
#find_matching_token(relation, application, scopes) ⇒ Object
146 147 148 149 150 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 146 def find_matching_token(relation, application, scopes) relation.detect do |token| scopes_match?(token.scopes, scopes, application.try(:scopes)) end end |
#find_or_create_for(*args) ⇒ Doorkeeper::AccessToken
Looking for not expired AccessToken record with a matching set of scopes that belongs to specific Application and Resource Owner. If it doesn’t exists - then creates it.
195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 195 def find_or_create_for(*args) # [NOTE]: For backward compatibility with Doorkeeper < 5.4 attributes = if args.size > 1 { application: args[0], resource_owner: args[1], scopes: args[2], expires_in: args[3], use_refresh_token: args[4], } else args.first end application = attributes[:application] resource_owner = attributes[:resource_owner] scopes = attributes[:scopes] expires_in = attributes[:expires_in] use_refresh_token = attributes[:use_refresh_token] token_attributes = attributes.except( :application, :resource_owner, :scopes, :expires_in, :use_refresh_token ) if Doorkeeper.configuration.reuse_access_token access_token = matching_token_for(application, resource_owner, scopes) return access_token if access_token&.reusable? end create_for( application: application, resource_owner: resource_owner, scopes: scopes, expires_in: expires_in, use_refresh_token: use_refresh_token, **token_attributes, ) end |
#last_authorized_token_for(application_id, resource_owner) ⇒ Doorkeeper::AccessToken?
Convenience method for backwards-compatibility, return the last matching token for the given Application and Resource Owner.
293 294 295 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 293 def (application_id, resource_owner) (application_id, resource_owner).first end |
#matching_token_for(application, resource_owner, scopes, include_expired: true) ⇒ Doorkeeper::AccessToken?
Looking for not revoked Access Token with a matching set of scopes that belongs to specific Application and Resource Owner.
136 137 138 139 140 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 136 def matching_token_for(application, resource_owner, scopes, include_expired: true) tokens = (application&.id, resource_owner) tokens = tokens.not_expired unless include_expired find_matching_token(tokens, application, scopes) end |
#revoke_all_for(application_id, resource_owner, clock = Time) ⇒ Object
Revokes AccessToken records that have not been revoked and associated with the specific Application and Resource Owner.
113 114 115 116 117 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 113 def revoke_all_for(application_id, resource_owner, clock = Time) by_resource_owner(resource_owner) .where(application_id: application_id, revoked_at: nil) .update_all(revoked_at: clock.now.utc) end |
#scopes_match?(token_scopes, param_scopes, app_scopes) ⇒ Boolean
Checks whether the token scopes match the scopes from the parameters or Application scopes (if present).
167 168 169 170 171 172 173 174 175 176 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 167 def scopes_match?(token_scopes, param_scopes, app_scopes) return true if token_scopes.empty? && param_scopes.empty? (token_scopes.sort == param_scopes.sort) && Doorkeeper::OAuth::Helpers::ScopeChecker.valid?( scope_str: param_scopes.to_s, server_scopes: Doorkeeper.configuration.scopes, app_scopes: app_scopes, ) end |
#secret_strategy ⇒ Object
297 298 299 |
# File 'lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb', line 297 def secret_strategy ::Doorkeeper.configuration.token_secret_strategy end |