Module: ShopliftClient

Extended by:
ActiveSupport::Concern
Included in:
ApiController, AuthController, UserAuthenticatedController, UserAuthenticatedOrApiController
Defined in:
app/controllers/concerns/shoplift_client.rb


Instance Method Details

#authenticate_company!(soft = false) ⇒ Object



# File 'app/controllers/concerns/shoplift_client.rb', line 109

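# Authenticates the request either as a signed-in user (via
# +authenticate_user+) or as an API client presenting an API key.
#
# The key is taken, in order of preference, from the +key+ request
# parameter (only the first run of lowercase hex characters is kept), from
# a non-Basic +Authorization+ header with an optional +Bearer+ prefix, or
# else from +authlift_default_app_key+ in the Rails settings. That last
# fallback means a request carrying no credentials at all is still checked
# against the default application key instead of being rejected outright.
#
# On success +@authentication+ holds the parsed auth-service reply and the
# current company is resolved from its +company+ field.
#
# @param soft [Boolean] when true, return false instead of raising when no
#   key is present or the auth service does not accept it
# @return [Boolean] true when the request is authenticated
# @raise [ActionController::RoutingError] when +soft+ is false and the key
#   is missing or not accepted
def authenticate_company!(soft = false)
  return true if authenticate_user

  auth_header = request.headers['AUTHORIZATION']
  @api_key = if params['key'].present?
               # Everything outside the first hex run is discarded; a key with
               # no hex characters at all becomes "" and is treated as missing.
               params['key'].match(/[0-9a-f]+/).to_s
             elsif auth_header.present? && !auth_header.include?('Basic')
               # \A anchors to the start of the value; ^ would also match after
               # an embedded newline.
               auth_header.gsub(/\ABearer ?/, '')
             else
               Rails.configuration.settings['authlift_default_app_key']
             end

  if @api_key.blank?
    return false if soft
    fail ActionController::RoutingError, 'Authentication token missing'
  end

  # The requested controller#action is sent along so the auth service can
  # decide per action rather than per key.
  response = srv.post 'auth/api_key',
                      body: {
                        api_key: api_key,
                        requested_action: "#{controller_name}##{action_name}"
                      }

  # NOTE(review): this relies on srv.post returning a blank value for a
  # rejected key; an OAuth2::Error raised on a non-2xx reply is not rescued
  # here — confirm how srv is configured.
  if response.blank?
    return false if soft
    fail ActionController::RoutingError, 'Request not authorized'
  end

  @authentication = JSON.parse response.body
  find_company_by_code authentication['company']
  true
end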

#authenticate_userObject



# File 'app/controllers/concerns/shoplift_client.rb', line 74

# Authenticates the browser session against the auth service.
#
# When a session cookie is present an OAuth2 access token is built from it
# and stored in +@token+ (which +srv+ then reuses for the rest of the
# request), the user's profile is fetched and parsed into +@current_user+,
# and — unless the user holds the +admin+ scope — every entry of
# +self.class.required_scopes+ must appear in the user's scopes. The first
# missing scope renders the 403 page and returns false. Finally the current
# company is resolved from the profile's company code.
#
# @return [Boolean] true when the user is authenticated and authorised;
#   false when there is no session cookie, the auth service raised an
#   OAuth2::Error, or a required scope is missing (403 already rendered)
def authenticate_user
  return false unless session_cookie.present?

  @token = OAuth2::AccessToken.new client, session_cookie, scope: scope
  begin
    profile = srv.get '/api/users/profile'
    @current_user = JSON.parse profile.response.body
    # NOTE(review): 'scopes' is parsed a second time, so it appears to be a
    # JSON-encoded array nested inside the profile JSON — confirm against
    # the auth service.
    granted = JSON.parse @current_user['scopes']
    unless granted.include? 'admin'
      missing = (self.class.required_scopes || []).find { |needed| !granted.include?(needed) }
      if missing
        render(file: 'shopapp/403.html', status: 403, layout: false, locals: { missing_scope: missing })
        return false
      end
    end
    find_company_by_code current_user['company']['code']
  rescue OAuth2::Error
    return false
  end
  true
end

#authenticate_user!Object



# File 'app/controllers/concerns/shoplift_client.rb', line 99

# Enforces a signed-in user: when +authenticate_user+ fails, starts the
# OAuth authorization redirect. A 403 already rendered by
# +authenticate_user+ is respected because +redirect_unauthorized+ checks
# +performed?+ first.
#
# @return [Object, nil] nil when authenticated, otherwise the result of
#   +redirect_unauthorized+
def authenticate_user!
  return if authenticate_user

  redirect_unauthorized
end

#authenticate_user_or_api!Object



# File 'app/controllers/concerns/shoplift_client.rb', line 103

# Accepts either a signed-in user or a valid API key (soft mode, so a
# missing or rejected key does not raise) and otherwise starts the OAuth
# authorization redirect.
#
# @return [Object, nil] nil when authenticated, otherwise the result of
#   +redirect_unauthorized+
def authenticate_user_or_api!
  return if authenticate_company!(true)

  redirect_unauthorized
end

#clientObject



# File 'app/controllers/concerns/shoplift_client.rb', line 184

# The OAuth2 client for the auth service, built once per controller
# instance from +authlift_app_id+, +authlift_app_secret+ and
# +authlift_url+ in the Rails settings and memoised in +@oauth+.
#
# @return [OAuth2::Client]
def client
  @oauth ||= begin
    settings = Rails.configuration.settings
    OAuth2::Client.new(settings['authlift_app_id'],
                       settings['authlift_app_secret'],
                       site: settings['authlift_url'])
  end
end

#current_companyObject



# File 'app/controllers/concerns/shoplift_client.rb', line 147

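# The company resolved for this request by +find_company_by_code+.
#
# The original body was empty and so always returned nil even after
# +@current_company+ had been set; it now exposes that memoised value.
#
# @return [Company, nil] the current company, or nil before
#   +find_company_by_code+ has run
def current_company
  @current_company
end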

#current_userObject



# File 'app/controllers/concerns/shoplift_client.rb', line 141

# The user profile parsed by +authenticate_user+, or nil when no user has
# been authenticated on this request. Both branches of the original
# returned +@current_user+, so the +present?+ test was redundant.
#
# @return [Hash, nil] the parsed profile
def current_user
  @current_user
end

#find_company_by_code(code) ⇒ Object



# File 'app/controllers/concerns/shoplift_client.rb', line 58

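# Resolves (creating on first sight) the +Company+ row for +code+ and
# memoises it in +@current_company+. Only the first call on an instance
# performs a lookup; later calls return the memoised company regardless of
# +code+.
#
# @param code [String] the company code reported by the auth service
# @return [Company] the current company
# @raise [RuntimeError] with setup instructions when the companies table
#   does not exist yet (a PG::UndefinedTable behind the
#   ActiveRecord::StatementInvalid)
# @raise [ActiveRecord::StatementInvalid] for any other database failure;
#   previously this was swallowed, leaving no current company while the
#   caller still reported a successful authentication
def find_company_by_code(code)
  @current_company ||= Company.find_or_create_by! code: code
rescue ActiveRecord::StatementInvalid => e
  # Only the "table missing" case gets the friendlier message; anything
  # else propagates so a failed lookup is never silently ignored.
  raise unless e.cause.is_a? PG::UndefinedTable

  fail <<-ERROR.strip_heredoc
    You have not defined a company, and that is compulsory even if
    you are not planning to add any additional fields. You do not need to
    seed it, so following is enough forever:

        rails g model company code:string; rake db:migrate
  ERROR
end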

#get(url, params = {}) ⇒ Object



# File 'app/controllers/concerns/shoplift_client.rb', line 168

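# Performs a GET against the auth service with the current token and
# returns the parsed JSON body.
#
# Debug output now goes to the Rails logger at debug level instead of
# stdout via +puts+; +params+ may contain credentials, so it must not end
# up in production output. The error messages also said "post" for this
# GET helper.
#
# @param url [String] path appended to the service site
# @param params [Hash] sent as the request body (unusual for GET — confirm
#   the service expects it)
# @return [Object] the parsed JSON response
# @raise [RuntimeError] wrapping an OAuth2::Error or any other failure;
#   the original exception remains available as +cause+
def get(url, params = {})
  Rails.logger.debug { "co_cli: get url=#{url} params=#{params}" }
  response = srv.request(:get, url, body: params)
  JSON.parse(response.body)
rescue OAuth2::Error
  raise "Server fault, could not perform get to #{srv.client.site}#{url}"
rescue StandardError
  raise "Unknown error, could not perform get to #{srv.client.site}#{url}"
end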

#post(url, params) ⇒ Object

To create/update a model, params must be of form { model_name: { attr1: value1, attr2: value2 } } and attr1, attr2 must be in the list of allowed params the Rails way.



# File 'app/controllers/concerns/shoplift_client.rb', line 156

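# Performs a POST against the auth service with the current token and
# returns the parsed JSON body.
#
# Debug output now goes to the Rails logger at debug level instead of
# stdout via +puts+; +params+ may contain credentials, so it must not end
# up in production output.
#
# @param url [String] path appended to the service site
# @param params [Hash] the request body; to create or update a model it
#   must be of the form +{ model_name: { attr1: value1, ... } }+ with the
#   attributes permitted on the server side
# @return [Object] the parsed JSON response
# @raise [RuntimeError] wrapping an OAuth2::Error or any other failure;
#   the original exception remains available as +cause+
def post(url, params)
  Rails.logger.debug { "co_cli: post url=#{url} params=#{params}" }
  response = srv.request(:post, url, body: params)
  JSON.parse(response.body)
rescue OAuth2::Error
  raise "Server fault, could not perform post to #{srv.client.site}#{url}"
rescue StandardError
  raise "Unknown error, could not perform post to #{srv.client.site}#{url}"
end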

#redirect_unauthorizedObject



# File 'app/controllers/concerns/shoplift_client.rb', line 45

# Clears the session, remembers the current path for after login and
# redirects to the auth service's authorization endpoint. Does nothing
# when a response has already been rendered or redirected.
#
# The stored +previous_url+ is +request.fullpath+, i.e. a path on this
# host, not a caller-supplied URL.
# NOTE(review): no +state+ parameter is passed to +authorize_url+ here;
# whether the callback side binds the code to this session is not visible
# in this file — confirm.
#
# @return [void]
def redirect_unauthorized
  return if performed?

  return_to = request.fullpath
  session.clear
  session[:previous_url] = return_to
  authorize_url = client.auth_code.authorize_url(
    redirect_uri: Rails.configuration.settings['authlift_redirect_uri'],
    scope: scope
  )
  redirect_to authorize_url
end

#scopeObject



# File 'app/controllers/concerns/shoplift_client.rb', line 54

# The OAuth scope string requested from the auth service: the configured
# +authlift_default_scope+ (if any) followed by +public+, space-separated.
#
# @return [String]
def scope
  default_scope = Rails.configuration.settings['authlift_default_scope']
  [default_scope, 'public'].compact.join(' ')
end


# File 'app/controllers/concerns/shoplift_client.rb', line 37

# The auth-service session id stored in the Rails session, or nil when the
# visitor has not logged in.
#
# @return [String, nil]
def session_cookie
  key = "authlift_session_id"
  session[key]
end

#session_cookie=(new_value) ⇒ Object



# File 'app/controllers/concerns/shoplift_client.rb', line 41

# Stores the auth-service session id in the Rails session.
#
# @param new_value [String, nil] the session id to keep
# @return [String, nil] +new_value+
def session_cookie=(new_value)
  key = "authlift_session_id"
  session[key] = new_value
end

#srvObject



# File 'app/controllers/concerns/shoplift_client.rb', line 180

# The access token used for calls to the auth service, memoised in
# +@token+. When nothing is cached a client-credentials token for +scope+
# is fetched. Note that +authenticate_user+ also assigns +@token+ (the
# user's session token), so after a successful user authentication
# service calls go out with the user's token rather than the application's.
#
# @return [OAuth2::AccessToken]
def srv
  return @token if @token

  @token = client.client_credentials.get_token scope: scope
end

#user_signed_in?Boolean

Returns:

  • (Boolean)


# File 'app/controllers/concerns/shoplift_client.rb', line 150

# Whether a user profile has been loaded for this request.
#
# @return [Boolean]
def user_signed_in?
  user = current_user
  !user.nil?
end