Class: Opro::Oauth::AuthGrant

Inherits:

ActiveRecord::Base

• Object
• ActiveRecord::Base
• Opro::Oauth::AuthGrant

Defined in:

app/models/opro/oauth/auth_grant.rb

Class Method Summary

• .find_by_code_app(code, app) ⇒ Object
• .find_by_refresh_app(refresh_token, application_id) ⇒ Object
• .find_for_token(token) ⇒ Object
• .find_or_create_by_user_app(user, app) ⇒ Object
• .find_user_for_token(token) ⇒ Object

Instance Method Summary

• #can?(value) ⇒ Boolean

  attr_accessible :code, :access_token, :refresh_token, :access_token_expires_at, :permissions, :user_id, :user, :application_id, :application.

• #default_permissions ⇒ Object

  turns array of permissions into a hash [:write, :read] => true, read: true.

• #expired? ⇒ Boolean
• #expires_in ⇒ Object
• #not_expired? ⇒ Boolean
• #redirect_uri_for(redirect_uri, state = nil) ⇒ Object
• #refresh ⇒ Object

  generates tokens, expires_at.

• #refresh! ⇒ Object

  generates tokens, expires_at and saves.

• #unique_token_for(field, secure_token = SecureRandom.hex(16)) ⇒ Object

  used to guarantee that we are generating unique codes, access_tokens and refresh_tokens.

• #update_permissions(permissions = default_permissions) ⇒ Object

Class Method Details

.find_by_code_app(code, app) ⇒ Object

# File 'app/models/opro/oauth/auth_grant.rb', line 50

def self.find_by_code_app(code, app)
  app_id = app.is_a?(Integer) ? app : app.id
  auth_grant = self.where("code = ? AND application_id = ?", code, app_id).first
end

.find_by_refresh_app(refresh_token, application_id) ⇒ Object

# File 'app/models/opro/oauth/auth_grant.rb', line 77

def self.find_by_refresh_app(refresh_token, application_id)
  self.where("refresh_token = ? AND application_id = ?", refresh_token, application_id).first
end

.find_for_token(token) ⇒ Object

# File 'app/models/opro/oauth/auth_grant.rb', line 42

def self.find_for_token(token)
  self.where(:access_token => token).includes(:user, :client_application).first
end

.find_or_create_by_user_app(user, app) ⇒ Object

# File 'app/models/opro/oauth/auth_grant.rb', line 61

def self.find_or_create_by_user_app(user, app)
  app_id = app.is_a?(Integer) ? app : app.id
  auth_grant  =   self.where(:user_id  => user.id, :application_id => app_id).first
  auth_grant  ||= begin
    auth_grant                = self.new
    auth_grant.user_id        = user.id
    auth_grant.application_id = app_id
    auth_grant.save
    auth_grant
  end
end

.find_user_for_token(token) ⇒ Object

# File 'app/models/opro/oauth/auth_grant.rb', line 46

def self.find_user_for_token(token)
  find_app_for_token.try(:user)
end

Instance Method Details

#can?(value) ⇒ Boolean

attr_accessible :code, :access_token, :refresh_token, :access_token_expires_at, :permissions, :user_id, :user, :application_id, :application

Returns:

• (Boolean)

# File 'app/models/opro/oauth/auth_grant.rb', line 23

def can?(value)
  HashWithIndifferentAccess.new(permissions)[value]
end

#default_permissions ⇒ Object

turns array of permissions into a hash

:write, :read

> true, read: true

# File 'app/models/opro/oauth/auth_grant.rb', line 57

def default_permissions
  ::Opro.request_permissions.each_with_object({}) {|element, hash| hash[element] = true }
end

#expired? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/opro/oauth/auth_grant.rb', line 27

def expired?
  return false unless ::Opro.require_refresh_within.present?
  return expires_in && expires_in < 0
end

#expires_in ⇒ Object

# File 'app/models/opro/oauth/auth_grant.rb', line 36

def expires_in
  return false unless access_token_expires_at.present?
  time = access_token_expires_at - Time.now
  time.to_i
end

#not_expired? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/opro/oauth/auth_grant.rb', line 32

def not_expired?
  !expired?
end

#redirect_uri_for(redirect_uri, state = nil) ⇒ Object

# File 'app/models/opro/oauth/auth_grant.rb', line 102

def redirect_uri_for(redirect_uri, state = nil)
  if redirect_uri =~ /\?/
    redirect_uri << "&code=#{code}&response_type=code"
  else
    redirect_uri << "?code=#{code}&response_type=code"
  end
  redirect_uri << "&state=#{state}" if state.present?
  redirect_uri
end

#refresh ⇒ Object

generates tokens, expires_at

# File 'app/models/opro/oauth/auth_grant.rb', line 88

def refresh
  generate_tokens!
  generate_expires_at!
  self
end

#refresh! ⇒ Object

generates tokens, expires_at and saves

# File 'app/models/opro/oauth/auth_grant.rb', line 82

def refresh!
  refresh
  save!
end

#unique_token_for(field, secure_token = SecureRandom.hex(16)) ⇒ Object

used to guarantee that we are generating unique codes, access_tokens and refresh_tokens

# File 'app/models/opro/oauth/auth_grant.rb', line 95

def unique_token_for(field, secure_token  = SecureRandom.hex(16))
  raise "bad field" unless self.respond_to?(field)
  auth_grant = self.class.where(field => secure_token).first
  return secure_token if auth_grant.blank?
  unique_token_for(field)
end

#update_permissions(permissions = default_permissions) ⇒ Object

# File 'app/models/opro/oauth/auth_grant.rb', line 73

def update_permissions(permissions = default_permissions)
  self.permissions = permissions and save if self.permissions != permissions
end