Class: OAuth2::Model::Authorization

Inherits:
ActiveRecord::Base
  • Object
show all
Extended by:
Hashing
Defined in:
lib/oauth2/model/authorization.rb

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Hashing

hashes_attributes

Class Method Details

.create_access_tokenObject 



33
34
35
36
37
38
 
# File 'lib/oauth2/model/authorization.rb', line 33

def self.create_access_token
  OAuth2.generate_id do |token|
    hash = OAuth2.hashify(token)
    count(:conditions => {:access_token_hash => hash}).zero?
  end
end

.create_code(client) ⇒ Object 



27
28
29
30
31
 
# File 'lib/oauth2/model/authorization.rb', line 27

def self.create_code(client)
  OAuth2.generate_id do |code|
    client.authorizations.count(:conditions => {:code => code}).zero?
  end
end

.create_refresh_token(client) ⇒ Object 



40
41
42
43
44
45
 
# File 'lib/oauth2/model/authorization.rb', line 40

def self.create_refresh_token(client)
  OAuth2.generate_id do |refresh_token|
    hash = OAuth2.hashify(refresh_token)
    client.authorizations.count(:conditions => {:refresh_token_hash => hash}).zero?
  end
end

.for(resource_owner, client) ⇒ Object 



22
23
24
25
 
# File 'lib/oauth2/model/authorization.rb', line 22

def self.for(resource_owner, client)
  return nil unless resource_owner and client
  resource_owner.oauth2_authorizations.find_by_client_id(client.id)
end

.for_response_type(response_type, attributes = {}) ⇒ Object 



47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
 
# File 'lib/oauth2/model/authorization.rb', line 47

def self.for_response_type(response_type, attributes = {})
  instance = self.for(attributes[:owner], attributes[:client]) ||
             new(:owner => attributes[:owner], :client => attributes[:client])
  
  case response_type
    when CODE
      instance.code ||= create_code(attributes[:client])
    when TOKEN
      instance.access_token  ||= create_access_token
      instance.refresh_token ||= create_refresh_token(attributes[:client])
    when CODE_AND_TOKEN
      instance.code = create_code(attributes[:client])
      instance.access_token  ||= create_access_token
      instance.refresh_token ||= create_refresh_token(attributes[:client])
  end
  
  if attributes[:duration]
    instance.expires_at = Time.now + attributes[:duration].to_i
  else
    instance.expires_at = nil
  end
  
  if attributes[:scope]
    scopes = instance.scopes + attributes[:scope].split(/\s+/)
    instance.scope = scopes.join(' ')
  end
  
  instance.save && instance
end

Instance Method Details

#exchange!Object 



77
78
79
80
81
82
 
# File 'lib/oauth2/model/authorization.rb', line 77

def exchange!
  self.code          = nil
  self.access_token  = self.class.create_access_token
  self.refresh_token = nil
  save!
end

#expired?Boolean

Returns:

  • (Boolean) 


84
85
86
87
 
# File 'lib/oauth2/model/authorization.rb', line 84

def expired?
  return false unless expires_at
  expires_at < Time.now
end

#expires_inObject 



89
90
91
 
# File 'lib/oauth2/model/authorization.rb', line 89

def expires_in
  expires_at && (expires_at - Time.now).ceil
end

#generate_codeObject 



93
94
95
96
 
# File 'lib/oauth2/model/authorization.rb', line 93

def generate_code
  self.code ||= self.class.create_code(client)
  save && code
end

#grants_access?(user, *scopes) ⇒ Boolean

Returns:

  • (Boolean) 


98
99
100
 
# File 'lib/oauth2/model/authorization.rb', line 98

def grants_access?(user, *scopes)
  not expired? and user == owner and in_scope?(scopes)
end

#in_scope?(request_scope) ⇒ Boolean

Returns:

  • (Boolean) 


102
103
104
 
# File 'lib/oauth2/model/authorization.rb', line 102

def in_scope?(request_scope)
  [*request_scope].all?(&scopes.method(:include?))
end

#scopesObject 



106
107
108
 
# File 'lib/oauth2/model/authorization.rb', line 106

def scopes
  scope ? scope.split(/\s+/) : []
end