Class: IndieAuth::TokenVerification

Inherits:

Object

• Object
• IndieAuth::TokenVerification

Defined in:

lib/indie_auth/token_verification.rb,
lib/indie_auth/token_verification/version.rb

Defined Under Namespace

Classes: AccessTokenMissingError, ForbiddenUserError, IncorrectMeError, InsufficentScopeError, MissingDomainError, MissingTokenEndpointError

Constant Summary

VERSION =

"0.2.1"

Instance Attribute Summary

• #access_token ⇒ Object readonly

  Returns the value of attribute access_token.

Instance Method Summary

• #initialize(access_token) ⇒ TokenVerification constructor

  A new instance of TokenVerification.

• #verify(desired_scope = nil) ⇒ Object

Constructor Details

#initialize(access_token) ⇒ TokenVerification

Returns a new instance of TokenVerification.

# File 'lib/indie_auth/token_verification.rb', line 16

def initialize(access_token)
  @access_token = access_token.to_s.strip.sub(/\ABearer\s*/, '')
end

Instance Attribute Details

#access_token ⇒ Object (readonly)

Returns the value of attribute access_token.

# File 'lib/indie_auth/token_verification.rb', line 14

def access_token
  @access_token
end

Instance Method Details

#verify(desired_scope = nil) ⇒ Object

Raises:

• (AccessTokenMissingError)

# File 'lib/indie_auth/token_verification.rb', line 20

def verify(desired_scope=nil)
  raise AccessTokenMissingError if access_token.nil? or access_token.empty?
  raise MissingDomainError if ENV.fetch('DOMAIN', nil).nil?
  raise MissingTokenEndpointError if ENV.fetch('TOKEN_ENDPOINT', nil).nil?

  response = validate_token
  raise ForbiddenUserError unless response.kind_of? Net::HTTPSuccess

  response_body = JSON.parse(response.body)
  if response_body.fetch('me', nil) != ENV['DOMAIN']
    raise IncorrectMeError, "Expected: '#{ENV['DOMAIN']}', Received: '#{response_body.fetch('me', nil)}'"
  end

  return true if desired_scope.nil?
  scope_included_in_response?(response_body, desired_scope)
end