Class: Songkick::OAuth2::Model::Authorization

Inherits:

ActiveRecord::Base

• Object
• ActiveRecord::Base
• Songkick::OAuth2::Model::Authorization

Extended by:

Hashing

Defined in:

lib/songkick/oauth2/model/authorization.rb

Class Method Summary

• .create_access_token ⇒ Object
• .create_code(client) ⇒ Object
• .create_refresh_token(client) ⇒ Object
• .for(owner, client, attributes = {}) ⇒ Object

Instance Method Summary

• #exchange! ⇒ Object
• #expired? ⇒ Boolean
• #expires_in ⇒ Object
• #generate_access_token ⇒ Object
• #generate_code ⇒ Object
• #grants_access?(user, *scopes) ⇒ Boolean
• #in_scope?(request_scope) ⇒ Boolean
• #scopes ⇒ Object

Methods included from Hashing

hashes_attributes

Class Method Details

.create_access_token ⇒ Object

# File 'lib/songkick/oauth2/model/authorization.rb', line 35

def self.create_access_token
  Songkick::OAuth2.generate_id do |token|
    hash = Songkick::OAuth2.hashify(token)
    count(:conditions => {:access_token_hash => hash}).zero?
  end
end

.create_code(client) ⇒ Object

# File 'lib/songkick/oauth2/model/authorization.rb', line 29

def self.create_code(client)
  Songkick::OAuth2.generate_id do |code|
    client.authorizations.count(:conditions => {:code => code}).zero?
  end
end

.create_refresh_token(client) ⇒ Object

# File 'lib/songkick/oauth2/model/authorization.rb', line 42

def self.create_refresh_token(client)
  Songkick::OAuth2.generate_id do |refresh_token|
    hash = Songkick::OAuth2.hashify(refresh_token)
    client.authorizations.count(:conditions => {:refresh_token_hash => hash}).zero?
  end
end

.for(owner, client, attributes = {}) ⇒ Object

# File 'lib/songkick/oauth2/model/authorization.rb', line 49

def self.for(owner, client, attributes = {})
  return nil unless owner and client
  
  unless client.is_a?(Client)
    raise ArgumentError, "The argument should be a #{Client}, instead it was a #{client.class}"
  end
  
  instance = owner.oauth2_authorization_for(client) ||
             new do |authorization|
               authorization.owner  = owner
               authorization.client = client
             end
  
  case attributes[:response_type]
    when CODE
      instance.code ||= create_code(client)
    when TOKEN
      instance.access_token  ||= create_access_token
      instance.refresh_token ||= create_refresh_token(client)
    when CODE_AND_TOKEN
      instance.code = create_code(client)
      instance.access_token  ||= create_access_token
      instance.refresh_token ||= create_refresh_token(client)
  end
  
  if attributes[:duration]
    instance.expires_at = Time.now + attributes[:duration].to_i
  else
    instance.expires_at = nil
  end
  
  scopes = instance.scopes + (attributes[:scopes] || [])
  scopes += attributes[:scope].split(/\s+/) if attributes[:scope]
  instance.scope = scopes.empty? ? nil : scopes.entries.join(' ')
  
  instance.save && instance
  
rescue Object => error
  if Model.duplicate_record_error?(error)
    retry
  else
    raise error
  end
end

Instance Method Details

#exchange! ⇒ Object

# File 'lib/songkick/oauth2/model/authorization.rb', line 94

def exchange!
  self.code          = nil
  self.access_token  = self.class.create_access_token
  self.refresh_token = nil
  save!
end

#expired? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/songkick/oauth2/model/authorization.rb', line 101

def expired?
  return false unless expires_at
  expires_at < Time.now
end

#expires_in ⇒ Object

# File 'lib/songkick/oauth2/model/authorization.rb', line 106

def expires_in
  expires_at && (expires_at - Time.now).ceil
end

#generate_access_token ⇒ Object

# File 'lib/songkick/oauth2/model/authorization.rb', line 115

def generate_access_token
  self.access_token ||= self.class.create_access_token
  save && access_token
end

#generate_code ⇒ Object

# File 'lib/songkick/oauth2/model/authorization.rb', line 110

def generate_code
  self.code ||= self.class.create_code(client)
  save && code
end

#grants_access?(user, *scopes) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/songkick/oauth2/model/authorization.rb', line 120

def grants_access?(user, *scopes)
  not expired? and user == owner and in_scope?(scopes)
end

#in_scope?(request_scope) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/songkick/oauth2/model/authorization.rb', line 124

def in_scope?(request_scope)
  [*request_scope].all?(&scopes.method(:include?))
end

#scopes ⇒ Object

# File 'lib/songkick/oauth2/model/authorization.rb', line 128

def scopes
  scopes = scope ? scope.split(/\s+/) : []
  Set.new(scopes)
end