Class: HolisticAuth::ClientTokenIssuer

Inherits:
Object
  • Object
Defined in:
lib/holistic_auth/client_token_issuer.rb

Instance Method Summary collapse

Constructor Details

#initialize(params, options = {}) ⇒ ClientTokenIssuer

Options can



# File 'lib/holistic_auth/client_token_issuer.rb', line 4

# Builds an issuer for one token request.
#
# Stores the request parameters with indifferent (String/Symbol) key access,
# resolves the provider named by +options+ and then lets
# +assign_instance_vars+ populate the remaining state from +options+.
#
# @param params [#with_indifferent_access] request parameters
# @param options [Hash] forwarded to +get_provider_name+ and +assign_instance_vars+
# @raise [ArgumentError] when the resolved provider name is not in
#   +HolisticAuth.configuration.providers+
def initialize(params, options = {})
  @params = params.with_indifferent_access
  requested = get_provider_name(options)

  # Only providers on the configured list are accepted; anything else is
  # rejected before a provider object is looked up.
  provider_known = HolisticAuth.configuration.providers.include?(requested)
  unless provider_known
    message = "Provider #{requested} not in supported provider list:\n" +
              HolisticAuth.configuration.providers.inspect
    raise ArgumentError, message
  end

  @provider = HolisticAuth.configuration.provider(requested)
  assign_instance_vars(options)
end

Instance Method Details

#authorize!(options = {}) ⇒ Object



# File 'lib/holistic_auth/client_token_issuer.rb', line 18

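# Checks the calling application and the provider/auth-code pair, then hands
# over to #handle to perform the exchange.
#
# @param options [Hash] passed through unchanged to #handle
# @return [Array] +[{ error: String }, :bad_request]+ when +@app_name+ is not
#   in +@valid_applications+; otherwise whatever #handle returns
# @raise [RuntimeError] when the EndPointListener built from +@auth_code+ and
#   +@provider+ reports that it is not valid
def authorize!(options = {})
  unless @valid_applications.include?(@app_name)
    return [{ error: "Invalid Application #{@app_name}" }, :bad_request]
  end

  validator = EndPointListener.new(auth_code: @auth_code, provider: @provider)

  # The validator is constructed from the authorization code and the provider
  # object, so its #inspect output presumably contains both (the default
  # #inspect dumps instance variables). Exception messages tend to end up in
  # logs and error trackers, so the validator is deliberately not interpolated
  # into the message.
  raise 'End provider/config not valid' unless validator.valid?

  handle(options)
end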

#handle(options = {}) ⇒ Object



# File 'lib/holistic_auth/client_token_issuer.rb', line 27

# Exchanges the authorization code with the provider, resolves the local user
# and returns the token payload.
#
# Steps, in order: exchange +@auth_code+ (with +@redirect_uri+) for a provider
# access token, load the user's info via #load_info, let the ActiveRecord ORM
# handler discover the user and store the provider credentials, then build the
# token data with +prepare_token+.
#
# @param options [Hash] +:expires_in+ is removed from this hash and passed to
#   +prepare_token+ (the caller's hash is mutated by the +delete+)
# @return [Array] +[json_string, :ok]+ on success, or
#   +[{ error: String }, :bad_request]+ when the email address is not verified
def handle(options = {})
  access_token = @provider.exchange(@auth_code, @redirect_uri)

  # Only the info lookup is guarded: an unverified address stops the flow
  # before any user is looked up or any credentials are stored.
  profile =
    begin
      load_info(access_token)
    rescue EmailNotVerifiedError
      return [{ error: 'Cannot create a Foogi account with an unverified email address' }, :bad_request]
    end

  orm = HolisticAuth::OrmHandlers::ActiveRecord.new(profile, @provider.name.to_s)

  account = orm.discover_user!
  orm.store_provider_credentials!(access_token)

  # NOTE(review): the token lifetime comes straight from +options+. If callers
  # can fill +options+ from request data, it should be bounded somewhere -
  # whether prepare_token does that is not visible here; confirm.
  lifetime = options.delete(:expires_in)
  payload = prepare_token(access_token, account, lifetime)

  [payload.to_json, :ok]
end

#load_info(access_token) ⇒ Object



# File 'lib/holistic_auth/client_token_issuer.rb', line 46

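# Fetches the user's info from the provider and refuses it unless the provider
# explicitly marks the email address as verified.
#
# The verification flag is checked strictly: only boolean +true+ or the string
# "true" (any case, surrounding whitespace ignored) counts as verified. A plain
# truthiness test would also accept the string "false", because every String
# is truthy in Ruby, and an unverified address must never be used to match or
# create an account.
#
# @param access_token [Object] provider access token, passed to +@provider.call+
# @return [Object] the raw info returned by the provider, unchanged
# @raise [EmailNotVerifiedError] when the address is not marked verified, or
#   the email value is blank
def load_info(access_token)
  # raw_info = provider_access_token.get('https://www.googleapis.com/plus/v1/people/me/openIdConnect').parsed

  raw_info = @provider.(access_token)

  # Fail closed: anything other than true / "true" is treated as unverified.
  flag = raw_info[:email_verified]
  flagged_verified = flag == true || flag.to_s.strip.downcase == 'true'

  verified_email = flagged_verified ? raw_info[:email] : nil
  raise EmailNotVerifiedError, 'Email not verified' unless verified_email.present?

  raw_info
end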