Class: HolisticAuth::Providers::MsGraph

Inherits:
GenericProvider
Defined in:
lib/holistic_auth/providers/ms_graph.rb

Direct Known Subclasses

Outlook

Constant Summary

# Base URL of Microsoft Graph. It is also sent as the OAuth2 `resource`
# parameter (see SETTINGS[:additional_parameters]).
GRAPH_RESOURCE = 'https://graph.microsoft.com'.freeze

# Content-Type header value attached to every request built by #query!.
DEFAULT_CONTENT_TYPE = 'application/json;odata.metadata=minimal;odata.streaming=true'.freeze

# Graph API version segment used when building the user-info URL.
# NOTE(review): 'beta' endpoints may change without notice; confirm that an
# authentication path is meant to depend on them.
API_VERSION = 'beta'.freeze

# Endpoint settings for this provider.
# The freeze is shallow: the nested :additional_parameters hash stays mutable.
SETTINGS = {
  site: 'https://login.microsoftonline.com',
  token_url: 'oauth2/token',
  user_info_url: URI("#{GRAPH_RESOURCE}/#{API_VERSION}/me"),
  additional_parameters: { resource: GRAPH_RESOURCE },
}.freeze

Instance Attribute Summary

Attributes inherited from GenericProvider

#api_key, #client_id, #client_secret, #oauth2_client, #site, #tenant_id, #token_url, #user_info_url

Instance Method Summary

Methods inherited from GenericProvider

#add_secrets, #empty?, #exchange, #initialize, #present?, #secrets, #site_token_url, #to_hash

Constructor Details

This class inherits a constructor from HolisticAuth::Providers::GenericProvider

Instance Method Details

#full_site_url ⇒ Object



# File 'lib/holistic_auth/providers/ms_graph.rb', line 25

# Builds the base URL under `site` for the configured tenant.
#
# @return [String] "<site>/<tenant_id>/" when tenant_id is present,
#   otherwise "<site>/common/"
def full_site_url
  # NOTE(review): with no tenant_id the multi-tenant /common/ authority is
  # used, so sign-ins are not limited to one directory. Confirm callers do not
  # assume a single tenant.
  # tenant_id is concatenated unescaped; presumably it comes from trusted
  # configuration (TODO confirm).
  tenant_segment = tenant_id.present? ? tenant_id : 'common'
  site + '/' + tenant_segment + '/'
end

#name ⇒ Object



# File 'lib/holistic_auth/providers/ms_graph.rb', line 21

# Identifier of this provider.
#
# @return [Symbol] always :ms_graph
def name
  :ms_graph
end

#process_info(hash) ⇒ Object



# File 'lib/holistic_auth/providers/ms_graph.rb', line 34

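# Maps a Microsoft Graph user payload onto the profile hash returned to callers.
#
# @param hash [Hash] parsed JSON body of the user-info response
# @return [ActiveSupport::HashWithIndifferentAccess] profile with the keys
#   email_verified, email, display_name, name, picture_url, uid and language
# @raise [RuntimeError] via #sanity_check! when the payload is not a Hash or
#   carries an 'error' key
def process_info(hash)
  sanity_check! hash

  mail = hash['mail']

  {
    # NOTE(review): presence of `mail` is reported as "verified". `mail` is a
    # directory attribute, not evidence that the address was verified, and
    # #full_site_url falls back to the multi-tenant /common/ authority.
    # Consumers should key accounts on `uid` rather than link or merge on
    # `email` alone.
    email_verified: mail.present?,
    email: mail,
    display_name: hash['displayName'],
    name: {
      givenName: hash['givenName'],
      # The Graph user resource exposes the family name as 'surname'.
      # 'familyName' is still read first, so existing payloads behave as before.
      familyName: hash['familyName'] || hash['surname'],
    },
    picture_url: '',
    uid: hash['id'],
    language: hash['preferredLanguage'],
  }.with_indifferent_access
end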

#query!(method, access_token, uri, body = nil) ⇒ Object

Need error handling for when the token has expired.



# File 'lib/holistic_auth/providers/ms_graph.rb', line 60

# Sends one bearer-authenticated request over TLS and returns the raw response.
#
# TODO: there is no handling for an expired access token; the response status
# is not inspected here.
#
# @param method [Symbol] :get or :post
# @param access_token [String] token placed in the Authorization header
# @param uri [URI] target; its host, port, path and query are used
# @param body [String, nil] request body, only sent for :post
# @return [Net::HTTPResponse] the unchecked response
# @raise [RuntimeError] when method is neither :get nor :post
def query!(method, access_token, uri, body = nil)
  # NOTE(review): the bearer token is sent to whatever host `uri` names.
  # Callers must only pass URIs built from trusted configuration, never from
  # request input. No timeouts are set here, so Net::HTTP defaults apply.
  connection = Net::HTTP.new(uri.host, uri.port)
  # TLS is always enabled, whatever scheme the URI carries.
  connection.use_ssl = true

  request_headers = {
    'Authorization' => "Bearer #{access_token}",
    'Content-Type' => DEFAULT_CONTENT_TYPE,
  }

  target =
    if uri.query.present?
      "#{uri.path}?#{uri.query}"
    else
      uri.path
    end

  case method
  when :get then connection.get(target, request_headers)
  when :post then connection.post(target, body, request_headers)
  else raise "method #{method} not implemented"
  end
end

#retrieve_user_info(access_token) ⇒ Object



# File 'lib/holistic_auth/providers/ms_graph.rb', line 29

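# Fetches the user profile from settings[:user_info_url] and normalises it
# through #process_info.
#
# @param access_token [#token] token object; only its #token value is used
# @return [Object] whatever #process_info returns for the parsed body
def retrieve_user_info(access_token)
  result = query! :get, access_token.token, settings[:user_info_url]
  # NOTE(review): the body is parsed without checking the HTTP status. A
  # non-JSON body raises JSON::ParserError here. JSON error payloads are
  # rejected by #sanity_check!, which #process_info calls first.
  process_info JSON.parse(result.body)
end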

#sanity_check!(hash) ⇒ Object



# File 'lib/holistic_auth/providers/ms_graph.rb', line 84

# Rejects user-info payloads that cannot be turned into a profile.
#
# @param hash [Object] parsed response body
# @return [nil] when the payload is a Hash without an 'error' key
# @raise [RuntimeError] when the payload is not a Hash, or when it has an
#   'error' key (the message embeds the remote error code and message)
def sanity_check!(hash)
  raise "Can't process empty user info" unless hash.is_a?(Hash)
  return unless hash.key?('error')

  # The remote error text is copied into the exception message, so avoid
  # showing that message verbatim to end users.
  error = hash['error']
  raise "Could not process user info: \n #{error['code']}: #{error['message']}"
end

#settings ⇒ Object



# File 'lib/holistic_auth/providers/ms_graph.rb', line 17

# Returns the SETTINGS constant of the receiver's runtime class.
# Because the lookup goes through self.class, a subclass that defines its own
# SETTINGS is served that constant instead of this class's.
#
# @return [Hash] the frozen SETTINGS hash
def settings
  self.class::SETTINGS
end