Class: PadlockAuth::AbstractAccessToken Abstract

Inherits:
Object
Defined in:
lib/padlock_auth/abstract_access_token.rb

Overview

This class is abstract.

AbstractAccessToken is a base class for all access token classes.

It provides all methods that are required for an access token to be compatible with PadlockAuth.

All implemented methods will default to returning false or nil, so that any authentication/authorisation attempt will fail unless the methods are implemented.

Direct Known Subclasses

Token::AccessToken

Instance Method Details

#acceptable?(scopes) ⇒ Boolean

Indicates if token is acceptable for specific scopes.

Parameters:

  • scopes (Array<String>)

    scopes

Returns:

  • (Boolean)

    true if record is accessible and includes scopes, or false in other cases



# File 'lib/padlock_auth/abstract_access_token.rb', line 20

def acceptable?(scopes)
  accessible? && includes_scope?(scopes)
end

#accessible? ⇒ Boolean

This method is abstract.

Implement this method in your access token class.

Indicates whether the access token meets the strategy's criteria for being considered a valid access token.

Tokens failing to be accessible will be rejected as an invalid grant request, with a 401 Unauthorized response.

Returns:

  • (Boolean)

    true if the token is accessible, false otherwise



# File 'lib/padlock_auth/abstract_access_token.rb', line 34

def accessible?
  Kernel.warn "[PADLOCK_AUTH] #accessible? not implemented for #{self.class}"
  false
end

#forbidden_token_reason ⇒ Symbol

Provides a lookup key for the reason the token is forbidden.

Messages will use the i18n scope 'padlock_auth.errors.messages.forbidden_token', with the default key of :missing_scope, providing a generic error message.

The required scopes are passed as an argument to the i18n lookup, so they can be included in user feedback where required.

Returns:

  • (Symbol)

    the reason the token is forbidden



# File 'lib/padlock_auth/abstract_access_token.rb', line 73

def forbidden_token_reason
  :unknown
end

#includes_scope?(_required_scopes) ⇒ Boolean

This method is abstract.

Implement this method in your access token class.

Indicates if the token includes the required scopes/audience.

Tokens failing to include the required scopes will be rejected as an invalid scope request, with a 403 Forbidden response.

Parameters:

  • _required_scopes (Array<String>)

    the required scopes

Returns:

  • (Boolean)

    true if the token includes the required scopes, false otherwise


# File 'lib/padlock_auth/abstract_access_token.rb', line 59

def includes_scope?(_required_scopes)
  Kernel.warn "[PADLOCK_AUTH] #includes_scope? not implemented for #{self.class}"
  false
end

#invalid_token_reason ⇒ Symbol

Provides a lookup key for the reason the token is invalid.

Messages will use the i18n scope 'padlock_auth.errors.messages.invalid_token', with the default key of :unknown, providing a generic error message.

Returns:

  • (Symbol)

    the reason the token is invalid



# File 'lib/padlock_auth/abstract_access_token.rb', line 46

def invalid_token_reason
  :unknown
end
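
Added example (not part of the PadlockAuth source or its documentation): a subclass implementing the two abstract predicates, next to one that overrides nothing and therefore inherits the fail-closed defaults. The base class below is a stand-in copied from the listings above so the block runs without the gem; ExampleToken, UnfinishedToken, status_for and the expiry rule are assumptions made for illustration.

```ruby
# Stand-in for the gem's base class so the example runs without padlock_auth
# installed; the three method bodies mirror the listings on this page.
module PadlockAuth
  class AbstractAccessToken
    def acceptable?(scopes)
      accessible? && includes_scope?(scopes)
    end

    def accessible?
      Kernel.warn "[PADLOCK_AUTH] #accessible? not implemented for #{self.class}"
      false
    end

    def includes_scope?(_required_scopes)
      Kernel.warn "[PADLOCK_AUTH] #includes_scope? not implemented for #{self.class}"
      false
    end
  end
end

# Hypothetical subclass: valid until expiry, must hold every required scope.
class ExampleToken < PadlockAuth::AbstractAccessToken
  def initialize(scopes:, expires_at:, now: Time.now)
    @scopes = Array(scopes).map(&:to_s)
    @expires_at = expires_at
    @now = now
  end

  # A token with no expiry is treated as invalid rather than immortal.
  def accessible?
    !@expires_at.nil? && @now < @expires_at
  end

  # Every required scope must be granted; a partial match is not enough.
  def includes_scope?(required_scopes)
    (Array(required_scopes).map(&:to_s) - @scopes).empty?
  end
end

# Subclass that overrides nothing, so it inherits the fail-closed defaults.
class UnfinishedToken < PadlockAuth::AbstractAccessToken; end

# Hypothetical helper: the 401/403 split described for the two predicates.
def status_for(token, scopes)
  return 401 unless token.accessible?
  return 403 unless token.includes_scope?(scopes)
  200
end
```

An UnfinishedToken is rejected for every request and logs a [PADLOCK_AUTH] warning, which is the behaviour to look for in test output when a new token class is only partly implemented.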