Module: Reivt::Auth

Defined in:: lib/reivt/auth.rb

Overview

Convience module for handling our authentication actions and talking to

Auth0

Author:

brwnrclse

Constant Summary collapse

AUTH_CALLBACK_URL =

'https://rev.vaemoi.co/login_success'.freeze

AUTH_CLIENT_ID =

'Q1fRDQ9u3oN33ok0ciIi9Vww5kV8U8MA'.freeze

AUTH0_ID =

Reivt::REIVT_STORE.transaction do
  Reivt::REIVT_STORE.fetch(:auth0_id, nil)
end

AUTH_STORE_ACCESS_TOKEN =

Reivt::REIVT_STORE.transaction do
  Reivt::REIVT_STORE.fetch(:access_token, nil)
end

AUTH_URL =

'https://vaemoi.auth0.com'.freeze

VERIFIER =

Sysrandom.urlsafe_base64(32)

Class Method Summary collapse

.auth_code_url ⇒ nil

Provides the user with a means to obtain an authorization code for accessing rev’s api by opening a browser to our Auth0 login page.
.auth_token(auth_code) ⇒ String

Exchanges the auth code obtained for a token used to access rev’s api.

Class Method Details

.auth_code_url ⇒ `nil`

Provides the user with a means to obtain an authorization code for

accessing rev's api by opening a browser to our Auth0 login page

# File 'lib/reivt/auth.rb', line 36

def self.auth_code_url
  verifier_challenge = Sysrandom.urlsafe_base64(
    Digest::SHA256.new.update(VERIFIER).digest.to_i
  )

  auth_code_url = AUTH_URL +
                  '/authorize?response_type=code&scope=openid%20profile' \
                  '&client_id=' + AUTH_CLIENT_ID +
                  '&redirect_uri=' + AUTH_CALLBACK_URL +
                  '&code_challenge=' + verifier_challenge +
                  '&code_challenge_method=S256'

  auth_code_url
end

.auth_token(auth_code) ⇒ `String`

Exchanges the auth code obtained for a token used to access rev’s api

# File 'lib/reivt/auth.rb', line 57

def self.auth_token(auth_code)
  auth_token_uri = URI.parse('https://vaemoi.auth0.com/oauth/token')
  body = {
    grant_type: 'authorization_code',
    client_id: AUTH_CLIENT_ID,
    code_verifier: VERIFIER,
    code: auth_code,
    redirect_uri: AUTH_CALLBACK_URL
  }
  http = Net::HTTP.new(auth_token_uri.host, auth_token_uri.port)
  http.use_ssl = true
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE
  req = Net::HTTP::Post.new(auth_token_uri)
  req.content_type = 'application/json'
  req.body = body.to_json

  res = http.request(req)
  token = {}
  token[:access_token] = JSON.parse(res.body)['access_token']
  token[:auth0_id] = JSON.parse(res.body)['id_token']
  token[:expires] = Time.now.to_i + JSON.parse(res.body)['expires'].to_i

  token
end