Class: Riddl::Utils::OAuth2::UnivieApp::VerifyIdentity

Inherits:

Implementation

• Object
• Implementation
• Riddl::Utils::OAuth2::UnivieApp::VerifyIdentity

Defined in:

lib/ruby/riddl/utils/oauth2-univie.rb

Instance Method Summary

• #response ⇒ Object

Methods inherited from Implementation

#headers, #initialize, #status

Constructor Details

This class inherits a constructor from Riddl::Implementation

Instance Method Details

#response ⇒ Object

# File 'lib/ruby/riddl/utils/oauth2-univie.rb', line 77

def response
  code = Base64::urlsafe_decode64 @p[0].value
  access_tokens  = @a[0]
  refresh_tokens = @a[1]
  codes          = @a[2]
  client_id      = @a[3]
  client_secret  = @a[4]
  adur           = @a[5]
  rdur           = @a[6]
  client_pass    = "#{client_id}:#{client_secret}"

  user_id, decrypted = Riddl::Utils::OAuth2::Helper::decrypt_with_shared_secret(code, client_pass).split(':', 2) rescue [nil,nil]
  if user_id.nil?
    @status = 403
    return Riddl::Parameter::Complex.new('data', 'application/json', {
      :error => 'Code invalid. Client_id or client_secret not suitable for decryption.'
    }.to_json)
  else
    token, refresh_token = Riddl::Utils::OAuth2::Helper::generate_optimistic_token(client_id, client_pass, adur, rdur)
    codes.set(code, refresh_token, rdur)
    access_tokens.set(token, user_id, rdur) # not adur, to identify expired access tokens
    refresh_tokens.set(refresh_token, token, rdur)

    json_response = {
      :access_token => token,
      :refresh_token => refresh_token,
      :code => Base64.urlsafe_encode64(decrypted),
      :user_id => user_id
    }.to_json

    Riddl::Parameter::Complex.new('data', 'application/json', json_response)
  end
end