Class: Masks::Rails::OpenID::Client
Instance Method Summary
Methods included from Scoped
#role?, #role_records, #scope?
Instance Method Details
#assign_scopes!(*scopes) ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 125
# Adds the given scopes to this client's scope list and saves the record.
#
# The new scopes are placed ahead of the ones already stored; duplicates and
# nil entries are dropped before the list is assigned.
#
# NOTE(review): nothing in this method restricts which scope names may be
# added, so any value passed in becomes a scope held by the client. Confirm
# that callers validate scope names against the set the deployment supports.
#
# @param scopes [Array] scope names to add
# @return [Object] whatever +save!+ returns
def assign_scopes!(*scopes)
  merged = scopes + Array(self.scopes)
  self.scopes = merged.compact.uniq
  save!
end
#audience ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 113
# Audience value for this client: the client's own +key+.
#
# @return [Object] the value of +key+
def audience = key
#auto_consent? ⇒ Boolean
# File 'app/models/masks/rails/openid/client.rb', line 117
# Negation of the +consent+ attribute.
#
# Returns true whenever +consent+ is falsy, so a record whose +consent+ is
# nil (not only false) is reported as auto-consenting.
#
# NOTE(review): if +consent+ can be nil for new or migrated records, this
# defaults to skipping consent. Confirm the column has a non-null default
# that requires consent.
#
# @return [Boolean]
def auto_consent?
  consent ? false : true
end
#code_expires_at ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 136
# Current time plus the duration described by +code_expires_in+.
#
# The duration text is parsed with ChronicDuration on every call.
#
# NOTE(review): if the parser returns nil for a value it cannot interpret,
# the addition raises TypeError, so a bad setting fails loudly rather than
# yielding a code with no expiry. Confirm +code_expires_in+ is validated
# when the client is saved and that an upper bound is enforced.
#
# @return [Time]
def code_expires_at
  issued_at = Time.now
  lifetime = ChronicDuration.parse(code_expires_in)
  issued_at + lifetime
end
#grant_types ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 57
# Grant types available to this client, decided by +client_type+.
#
# Only "confidential" clients receive any grant types; every other value of
# +client_type+ (including nil) yields an empty list. A fresh array is
# returned on each call.
#
# @return [Array<String>]
def grant_types
  return [] unless client_type == "confidential"

  %w[refresh_token authorization_code client_credentials]
end
#issuer ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 81
# Issuer URL for this client, built with the engine's route helpers.
#
# The route receives the client's +key+ as +id+. The host comes from
# +Masks.configuration.site_url+, i.e. from configuration rather than from
# any value supplied with a request.
#
# @return [Object] the result of +openid_issuer_url+
def issuer
  url_helpers = Masks::Engine.routes.url_helpers
  url_helpers.openid_issuer_url(id: key, host: Masks.configuration.site_url)
end
#kid ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 88
# Key identifier for this client's signing key.
#
# NOTE(review): the identifier is the constant +:default+ for every client.
# If each client carries its own RSA key, a verifier cannot tell the keys
# apart by kid alone. Confirm how the published key set is scoped.
#
# @return [Symbol] always +:default+
def kid = :default
#pairwise_subject? ⇒ Boolean
# File 'app/models/masks/rails/openid/client.rb', line 121
# Whether this client has a sector identifier and uses the "pairwise"
# subject type.
#
# The result is not strictly boolean: when +sector_identifier+ is nil or
# false, that value itself is returned. An empty-string sector identifier is
# truthy in Ruby and therefore passes the first check.
#
# @return [Boolean, nil]
def pairwise_subject?
  sector = sector_identifier
  return sector unless sector

  subject_type == "pairwise"
end
#private_key ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 92
# Builds an OpenSSL RSA key object from the +rsa_private_key+ attribute.
#
# The key is parsed again on every call; nothing is cached here.
#
# NOTE(review): the returned object carries private key material, so keep it
# out of logs, error reports and serialized output. Whether
# +rsa_private_key+ is encrypted at rest cannot be seen from this method.
# Confirm against the model's attribute declarations.
#
# @return [OpenSSL::PKey::RSA]
def private_key
  pem = rsa_private_key
  OpenSSL::PKey::RSA.new(pem)
end
#refresh_expires_at ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 144
# Current time plus the duration described by +refresh_expires_in+.
#
# The duration text is parsed with ChronicDuration on every call.
#
# NOTE(review): if the parser returns nil for a value it cannot interpret,
# the addition raises TypeError instead of yielding a token with no expiry.
# Confirm +refresh_expires_in+ is validated when the client is saved and
# that an upper bound is enforced.
#
# @return [Time]
def refresh_expires_at
  issued_at = Time.now
  lifetime = ChronicDuration.parse(refresh_expires_in)
  issued_at + lifetime
end
#remove_scopes!(*scopes) ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 130
# Removes the given scopes from this client's scope list and saves the
# record.
#
# The stored array is modified in place (every element equal to a given
# scope is deleted); it is not reassigned. If the stored list is nil and at
# least one scope is passed, the delete call raises NoMethodError.
#
# NOTE(review): this only changes the client's scope list. Whether tokens
# already issued with a removed scope are revoked is not visible here.
#
# @param scopes [Array] scope names to remove
# @return [Object] whatever +save!+ returns
def remove_scopes!(*scopes)
  current = self.scopes
  scopes.each { |name| current.delete(name) }
  save!
end
#response_types ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 48
# Response types this client may request, decided by +client_type+.
#
# "confidential" clients get only "code". "public" clients get "token",
# "id_token" and "id_token token". For any other +client_type+ (including
# nil) the method returns nil rather than an empty list, so callers must
# handle nil.
#
# NOTE(review): the "public" list is the set of implicit-flow response
# types, which hand tokens back through the browser redirect. Confirm this
# is intended rather than the code flow with PKCE for public clients.
#
# @return [Array<String>, nil]
def response_types
  kind = client_type
  if kind == "confidential"
    ["code"]
  elsif kind == "public"
    ["token", "id_token", "id_token token"]
  end
end
#roles(record, **opts) ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 70
# Looks up this client's saved roles for a record or for a record type.
#
# When +record+ is a Class or a String, roles are filtered by
# +record_type+ (the value's +to_s+) and the +:record+ association is
# included. Otherwise roles are filtered by the record itself.
#
# +opts+ is merged into the same +where+ call after the record filter, so a
# +:record_type+ or +:record+ key in +opts+ replaces that filter.
# NOTE(review): confirm +opts+ never carries caller-controlled keys, since
# every key becomes a query condition.
#
# @param record [Class, String, Object] record type or record instance
# @param opts [Hash] additional conditions passed to +where+
# @return [Object] the relation returned by +saved_roles+
def roles(record, **opts)
  by_type = record.is_a?(Class) || record.is_a?(String)
  return saved_roles.where(record:, **opts) unless by_type

  saved_roles.where(record_type: record.to_s, **opts).includes(:record)
end
#scopes ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 66
# Reads the +:scopes+ attribute through +self[]+.
#
# @return [Object] the stored scopes value, as returned by +self[:scopes]+
def scopes = self[:scopes]
#subject(actor) ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 98
# Subject identifier presented to this client for the given actor.
#
# With +subject_type+ "nickname" the actor's nickname is returned as is.
# Every other +subject_type+ value takes the hashed branch: the SHA-256 hex
# digest of the sector identifier, the actor id and the configured pairwise
# salt joined with "/".
#
# Points a maintainer should know before touching this:
# - nil parts join as empty strings, so a missing +:pairwise_salt+ silently
#   produces an unsalted digest. NOTE(review): confirm the salt is required
#   at boot and kept secret.
# - a nil +sector_identifier+ gives every such client the same identifier
#   for a given actor.
# - the "/" separator is not escaped, so parts that contain "/" can produce
#   the same joined string from different inputs.
# - changing the derivation changes every identifier already handed out.
#
# @param actor [Object] responds to +nickname+ and +actor_id+
# @return [String]
def subject(actor)
  return actor.nickname if subject_type == "nickname"

  material = [
    sector_identifier,
    actor.actor_id,
    Masks.configuration.openid[:pairwise_salt]
  ]
  Digest::SHA256.hexdigest(material.join("/"))
end
#to_param ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 44
# Value used to represent this client as a URL parameter: its +key+.
#
# @return [Object] the value of +key+
def to_param = key
#token_expires_at ⇒ Object
# File 'app/models/masks/rails/openid/client.rb', line 140
# Current time plus the duration described by +token_expires_in+.
#
# The duration text is parsed with ChronicDuration on every call.
#
# NOTE(review): if the parser returns nil for a value it cannot interpret,
# the addition raises TypeError instead of yielding a token with no expiry.
# Confirm +token_expires_in+ is validated when the client is saved and that
# an upper bound is enforced.
#
# @return [Time]
def token_expires_at
  issued_at = Time.now
  lifetime = ChronicDuration.parse(token_expires_in)
  issued_at + lifetime
end