Class: Nexo::GoogleAuthService

Inherits:

Object

Object
Nexo::GoogleAuthService

show all

Defined in:: app/lib/nexo/api_client/google_auth_service.rb

Overview

This is actually an OAuth 2.0 flow, and that logic should be extracted to a generic OAuth2Service

Constant Summary collapse

EXCEPTIONS =

[
  Signet::AuthorizationError,

  # user revoked access
  Google::Apis::ClientError,

  Google::Apis::AuthorizationError
]

Class Method Summary collapse

.handle_auth_callback_deferred(request) ⇒ Object

Instance Method Summary collapse

#get_authorization_url(request, login_hint: nil) ⇒ Object
#get_credentials(request = nil) ⇒ Object

Debe estar presente en la autorización (cuando google callback redirige al show).
#initialize(integration) ⇒ GoogleAuthService constructor

A new instance of GoogleAuthService.
#revoke_authorization! ⇒ Object
#token_info ⇒ Object

Constructor Details

#initialize(integration) ⇒ `GoogleAuthService`

Returns a new instance of GoogleAuthService.



13
14
15

# File 'app/lib/nexo/api_client/google_auth_service.rb', line 13

def initialize(integration)
  @integration = integration
end

Class Method Details

.handle_auth_callback_deferred(request) ⇒ `Object`

# File 'app/lib/nexo/api_client/google_auth_service.rb', line 6

def handle_auth_callback_deferred(request)
  target_url = Google::Auth::WebUserAuthorizer.handle_auth_callback_deferred(request)

  target_url
end

Instance Method Details

#get_authorization_url(request, login_hint: nil) ⇒ `Object`

# File 'app/lib/nexo/api_client/google_auth_service.rb', line 71

def get_authorization_url(request, login_hint: nil)
  request.session["code_verifier"] ||= Google::Auth::WebUserAuthorizer.generate_code_verifier
  authorizer.code_verifier = request.session["code_verifier"]
  # authorizer.get_authorization_url(request:)
  authorizer.get_authorization_url(request:, login_hint:)
end

#get_credentials(request = nil) ⇒ `Object`

Debe estar presente en la autorización (cuando google callback redirige al show)

Guarda el Token Si el client tiene más permisos que los que el user solicitó

Parameters:

request (Rack::Request) (defaults to: nil)

# File 'app/lib/nexo/api_client/google_auth_service.rb', line 55

def get_credentials(request = nil)
  # :nocov: tricky
  if request.present? && request.session["code_verifier"].present?
    authorizer.code_verifier = request.session["code_verifier"]
  end
  # :nocov:

  authorizer.get_credentials(@integration, request).tap do |credentials|
    if credentials.nil? && request.present? && !request.session["code_verifier"].present?
      Nexo.logger.warn("Request has no code_verifier")
    end
  end
rescue Signet::AuthorizationError
  # TODO: log
end

#revoke_authorization! ⇒ `Object`



44
45
46

# File 'app/lib/nexo/api_client/google_auth_service.rb', line 44

def revoke_authorization!
  authorizer.revoke_authorization(@integration)
end

#token_info ⇒ `Object`

# File 'app/lib/nexo/api_client/google_auth_service.rb', line 26

def token_info
  service = Google::Apis::Oauth2V2::Oauth2Service.new
  credentials = get_credentials
  if credentials.present?
    service.authorization = credentials

    # Si el token expiró o le restan pocos segundos para expirar, se
    # renovará el token.
    service.tokeninfo
  end
rescue *EXCEPTIONS => e
  # TODO: handle this
  # :nocov: TODO
  Nexo::ActiveRecordGoogleTokenStore.new.delete(@integration)
  e.class.to_s
  # :nocov:
end