Class: Gini::Api::OAuth

Inherits:

Object

• Object
• Gini::Api::OAuth

Defined in:

lib/gini-api/oauth.rb

Overview

OAuth2 related methods to access API resources

Instance Attribute Summary

• #token ⇒ Object readonly

  Returns the value of attribute token.

Class Method Summary

• .refresh!(opts = {}) ⇒ OAuth2::AccessToken

  Override OAuth2::AccessToken#refresh! to update self instead of returnign a new object Inspired by github.com/intridea/oauth2/issues/116#issuecomment-8097675.

• .request(verb, path, opts = {}, &block) ⇒ Object

  Override OAuth2::AccessToken#request to refresh token when less then 60 seconds left.

Instance Method Summary

• #destroy ⇒ Object

  Destroy token.

• #initialize(api, opts) ⇒ OAuth constructor

  Instantiate a new Gini::Api::OAuth object and acquire token(s).

Constructor Details

#initialize(api, opts) ⇒ OAuth

Instantiate a new Gini::Api::OAuth object and acquire token(s)

Parameters:

• api (Gini::Api::Client) —

  Instance of Gini::Api::Client that contains all required params

• opts (Hash) —

  Your authorization credentials

Options Hash (opts):

• auth_code (String) —

  OAuth authorization code. Will be exchanged for a token

• username (String) —

  API username

• password (String) —

  API password

# File 'lib/gini-api/oauth.rb', line 20

def initialize(api, opts)
  # Initialize client. max_redirect is required as oauth2 will otherwise redirect to location from header (localhost)
  # https://github.com/intridea/oauth2/blob/master/lib/oauth2/client.rb#L100
  # Our code is encoded in the URL and has to be parsed from there.
  client = OAuth2::Client.new(
    api.client_id,
    api.client_secret,
    site: api.oauth_site,
    authorize_url: '/authorize',
    token_url: '/token',
    max_redirects: 0,
    raise_errors: true,
  )

  # Verify opts. Prefered authorization methis is auth_code. If no auth_code is present a login from username/password
  # is done.
  auth_code =
    if opts.key?(:auth_code) && !opts[:auth_code].empty?
      opts[:auth_code]
    else
      # Generate CSRF token to verify the response
      csrf_token = SecureRandom.hex
      location  = login_with_credentials(
                    api,
                    client,
                    csrf_token,
                    opts[:username],
                    opts[:password])
      extract_auth_code(location, csrf_token)
    end

  # Exchange code for a real token.
  # @token is a Oauth2::AccessToken object. Accesstoken is @token.token
  @token = exchange_code_for_token(api, client, auth_code)

  # Override OAuth2::AccessToken#refresh! to update self instead of returnign a new object
  # Inspired by https://github.com/intridea/oauth2/issues/116#issuecomment-8097675
  #
  # @param [Hash] opts Refresh opts passed to original refresh! method
  #
  # @return [OAuth2::AccessToken] Updated access token object
  #
  def @token.refresh!(opts = {})
    new_token = super
    (new_token.instance_variables - %w[@refresh_token]).each do |name|
      instance_variable_set(name, new_token.instance_variable_get(name))
    end
    self
  end

  # Override OAuth2::AccessToken#request to refresh token when less then 60 seconds left
  #
  # @param [Symbol] verb the HTTP request method
  # @param [String] path the HTTP URL path of the request
  # @param [Hash] opts the options to make the request with
  #
  def @token.request(verb, path, opts = {}, &block)
    refresh! if refresh_token && (expires_at < Time.now.to_i + 60)
    super
  end
end

Instance Attribute Details

#token ⇒ Object (readonly)

Returns the value of attribute token.

# File 'lib/gini-api/oauth.rb', line 10

def token
  @token
end

Class Method Details

.refresh!(opts = {}) ⇒ OAuth2::AccessToken

Override OAuth2::AccessToken#refresh! to update self instead of returnign a new object Inspired by github.com/intridea/oauth2/issues/116#issuecomment-8097675

Parameters:

• opts (Hash) (defaults to: {}) —

  Refresh opts passed to original refresh! method

Returns:

• (OAuth2::AccessToken) —

  Updated access token object

# File 'lib/gini-api/oauth.rb', line 62

def @token.refresh!(opts = {})
  new_token = super
  (new_token.instance_variables - %w[@refresh_token]).each do |name|
    instance_variable_set(name, new_token.instance_variable_get(name))
  end
  self
end

.request(verb, path, opts = {}, &block) ⇒ Object

Override OAuth2::AccessToken#request to refresh token when less then 60 seconds left

Parameters:

• verb (Symbol) —

  the HTTP request method

• path (String) —

  the HTTP URL path of the request

• opts (Hash) (defaults to: {}) —

  the options to make the request with

# File 'lib/gini-api/oauth.rb', line 76

def @token.request(verb, path, opts = {}, &block)
  refresh! if refresh_token && (expires_at < Time.now.to_i + 60)
  super
end

Instance Method Details

#destroy ⇒ Object

Destroy token

# File 'lib/gini-api/oauth.rb', line 84

def destroy
  @token.refresh_token && @token.refresh!
  response = token.delete("/accessToken/#{@token.token}")
  unless response.status == 204
    fail_with_oauth_error(
      "Failed to destroy token /accessToken/#{@token.token} "\
      "(code=#{response.status})",
      response
    )
  end
rescue OAuth2::Error => e
  fail_with_oauth_error(
    "Failed to destroy token (code=#{e.response.status})",
    e.response
  )
end