Class: Oxd::ClientOxdCommands

Inherits:
OxdConnector
Defined in:
lib/oxd/client_oxd_commands.rb

Overview

This class carries out the commands to talk with the oxd server. The oxd request commands are provided as class methods that send the command to the oxd server via socket; the called method returns the response as a dict.

Instance Method Summary

Methods inherited from OxdConnector

#getData, #getResponseData, #getResponseObject, #is_json?, #logger, #oxd_http_request, #oxd_socket_request, #request, #trigger_error, #validate_command

Constructor Details

#initialize ⇒ ClientOxdCommands

class constructor



# File 'lib/oxd/client_oxd_commands.rb', line 13

def initialize
	super
end

Instance Method Details

#client_params ⇒ HASH

common params to use with client setup commands, i.e. setup_client, register_site and update_site

Returns:

  • (HASH)

    client_params



# File 'lib/oxd/client_oxd_commands.rb', line 207

def client_params
	client_params = {
		"authorization_redirect_uri" => @configuration.authorization_redirect_uri,
		"post_logout_redirect_uri" => @configuration.post_logout_redirect_uri,
		"response_types"=> @configuration.response_types,
		"grant_types" => @configuration.grant_types,
		"scope" => @configuration.scope,
		"acr_values" => @configuration.acr_values,
		"client_jwks_uri" => @configuration.client_jwks_uri,
		"client_name" => @configuration.client_name,
		"client_token_endpoint_auth_method" => @configuration.client_token_endpoint_auth_method,
		"client_request_uris" => @configuration.client_request_uris,
		"client_frontchannel_logout_uris" => @configuration.client_frontchannel_logout_uris,
		"client_sector_identifier_uri" => @configuration.client_sector_identifier_uri,
		"contacts" => @configuration.contacts,
		"ui_locales" => @configuration.ui_locales,
		"claims_locales" => @configuration.claims_locales
	}
end

#get_access_token_by_refresh_token(scope = nil) ⇒ String

method to retrieve access token. It is called after getting the refresh_token by using the code and state.

Parameters:

  • scope (Array) (defaults to: nil)

    OPTIONAL, scopes required, takes the scopes registered with register_site by default

Returns:

  • (String)

    access_token



# File 'lib/oxd/client_oxd_commands.rb', line 121

def get_access_token_by_refresh_token(scope = nil)
	@command = 'get_access_token_by_refresh_token'
	@params = {
		"oxd_id" => @configuration.oxd_id,
		"refresh_token" => @configuration.refresh_token,
		"scope" => (scope.blank?)? @configuration.scope : scope,
		"protection_access_token" => @configuration.protection_access_token
	}
	request('get-access-token-by-refresh-token')
	getResponseData['access_token']
end

#get_authorization_url(scope: [], acr_values: [], custom_params: {}) ⇒ String

method to get authorization url that the user must be redirected to for authorization and authentication

Parameters:

  • scope (Array) (defaults to: [])

    OPTIONAL, scopes required, takes the scopes registered with register_site by default

  • acr_values (Array) (defaults to: [])

    OPTIONAL, list of acr values in the order of priority

  • custom_params (Hash) (defaults to: {})

    OPTIONAL, custom parameters

Returns:

  • (String)

    authorization_url



# File 'lib/oxd/client_oxd_commands.rb', line 79

def get_authorization_url(scope: [], acr_values: [], custom_params: {})
	logger("@configuration object params #{@configuration.inspect}")

	@command = 'get_authorization_url'
	@params = {
		"oxd_id" => @configuration.oxd_id,
		"prompt" => @configuration.prompt,
		"scope" => (scope.blank?)? @configuration.scope : scope,
		"acr_values" => (acr_values.blank?)? @configuration.acr_values : acr_values,
		"custom_parameters" => custom_params,
		"protection_access_token" => @configuration.protection_access_token
	}
	logger("get_authorization_url params #{@params.inspect}")
	request('get-authorization-url')
	getResponseData['authorization_url']
end
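
The method above passes `@configuration.inspect` and `@params.inspect` to `logger`, and both carry `protection_access_token`; the configuration object also holds `client_secret`, `refresh_token` and `id_token`. The following is an added example, not part of the oxd-ruby source: a hypothetical `redact` helper (`mask`, `SENSITIVE_KEYS` and the sample hash are all constructed here) that masks those values in a params-style hash before it is logged.

```ruby
# Added example: keys whose values should never reach a log line.
# The names are the parameter keys used by the methods on this page.
SENSITIVE_KEYS = %w[
  client_secret protection_access_token access_token
  refresh_token id_token id_token_hint code
].freeze

# Replaces a secret with a marker, keeping the last four characters of
# longer values so log lines can still be correlated.
def mask(val)
  return val if val.nil?
  str = val.to_s
  return "[REDACTED]" if str.length <= 8
  "[REDACTED...#{str[-4, 4]}]"
end

# Returns a deep copy of +value+ with sensitive hash entries masked.
# The input is not modified.
def redact(value)
  case value
  when Hash
    value.each_with_object({}) do |(key, val), out|
      out[key] = SENSITIVE_KEYS.include?(key.to_s) ? mask(val) : redact(val)
    end
  when Array
    value.map { |item| redact(item) }
  else
    value
  end
end

# Constructed sample shaped like the @params built by get_tokens_by_code.
SAMPLE_PARAMS = {
  "oxd_id" => "constructed-oxd-id",
  "code" => "constructed-authorization-code",
  "state" => "constructed-state",
  "protection_access_token" => "constructed-pat-0123456789"
}.freeze

# What a log call would receive instead of the raw hash.
puts "get_tokens_by_code params #{redact(SAMPLE_PARAMS).inspect}"
```

Logging `redact(@params)` in place of `@params.inspect` keeps the debugging value of the line; the configuration object would first have to be converted to a hash, which this example does not cover.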

#get_client_token(op_discovery_path = nil) ⇒ STRING

method to generate the protection access token. The obtained access token is passed as protection_access_token to all further calls to oxd-https-extension.

Parameters:

  • op_discovery_path (STRING) (defaults to: nil)

    OPTIONAL, op discovery path provided by OP

Returns:

  • (STRING)

    access_token



# File 'lib/oxd/client_oxd_commands.rb', line 49

def get_client_token(op_discovery_path = nil)
	@command = 'get_client_token'
	@params = {
		"op_host" => @configuration.op_host,
		"scope" => @configuration.scope,
		"client_id" => @configuration.client_id,
		"client_secret" => @configuration.client_secret,
		"op_discovery_path" => (op_discovery_path.blank?)? @configuration.op_discovery_path : op_discovery_path,
	}
	request('get-client-token')
	@configuration.protection_access_token = getResponseData['access_token']
end

#get_logout_uri(state = nil, session_state = nil) ⇒ String

method to retrieve logout url from OP. User must be redirected to this url to perform logout

Parameters:

  • state (String) (defaults to: nil)

    OPTIONAL, website state obtained from the authorization url callback

  • session_state (String) (defaults to: nil)

    OPTIONAL, session state obtained from the authorization url callback

Returns:

  • (String)

    uri



# File 'lib/oxd/client_oxd_commands.rb', line 154

def get_logout_uri(state = nil, session_state = nil)
	@command = 'get_logout_uri'
	@params = {
		"oxd_id" => @configuration.oxd_id,
		"id_token_hint" => @configuration.id_token,
		"post_logout_redirect_uri" => @configuration.post_logout_redirect_uri,
		"state" => state,
		"session_state" => session_state,
		"protection_access_token" => @configuration.protection_access_token
	}
	request('get-logout-uri')
	getResponseData['uri']
end

#get_tokens_by_code(code, state) ⇒ String

method to retrieve access token. It is called after the user authorizes by visiting the authorization url.

Parameters:

  • code (String)

    code obtained from the authorization url callback

  • state (String)

    state obtained from the authorization url callback

Returns:

  • (String)

    access_token



# File 'lib/oxd/client_oxd_commands.rb', line 100

def get_tokens_by_code(code, state)
	if (code.empty?)
		trigger_error("Empty/Wrong value in place of code.")
	end
	@command = 'get_tokens_by_code'
	@params = {
		"oxd_id" => @configuration.oxd_id,
		"code" => code,
		"state" => state,
		"protection_access_token" => @configuration.protection_access_token
	}
	request('get-tokens-by-code')
	@configuration.id_token = getResponseData['id_token']
	@configuration.refresh_token = getResponseData['refresh_token']
	getResponseData['access_token']
end
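
An added example, not part of the oxd-ruby source, of checks an application can run on the callback before calling `get_tokens_by_code`: it binds `state` to the user's session and rejects a missing `code` (the `code.empty?` guard above raises NoMethodError when `code` is nil). It assumes the URL returned by `get_authorization_url` carries a `state` query parameter; the helper names, the session key and the sample URL are constructed for illustration.

```ruby
require "uri"

# Reads the state value out of an authorization URL so it can be stored
# in the server-side session before the user is redirected.
def state_from_authorization_url(url)
  query = URI.parse(url).query.to_s
  URI.decode_www_form(query).to_h["state"]
end

# Constant-time string comparison; false for nil, empty or unequal length.
def secure_equal?(a, b)
  return false unless a.is_a?(String) && b.is_a?(String)
  return false if a.empty? || a.bytesize != b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Validates callback parameters against the session.
# Returns [:ok, code, state] or [:reject, reason].
def check_callback(params, session)
  expected = session.delete("oidc_state") # single use: a replay finds nothing
  return [:reject, "no pending login"] if expected.nil?
  return [:reject, "state mismatch"] unless secure_equal?(expected, params["state"])
  code = params["code"]
  return [:reject, "missing code"] unless code.is_a?(String) && !code.empty?
  [:ok, code, params["state"]]
end

# Constructed sample URL and callback parameters.
SAMPLE_AUTH_URL = "https://op.example.test/authorize?response_type=code" \
                  "&client_id=constructed-client&state=constructed-state-123"

session = { "oidc_state" => state_from_authorization_url(SAMPLE_AUTH_URL) }
result = check_callback({ "code" => "constructed-code",
                          "state" => "constructed-state-123" }, session)
puts result.inspect
# On :ok the application would call get_tokens_by_code(code, state).
```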

#get_user_info(access_token) ⇒ String

get the information about the user using the access token obtained from the OP

Parameters:

  • access_token (String)

    access token received from the get_tokens_by_code command

Returns:

  • (String)

    user data claims that are returned by the OP



# File 'lib/oxd/client_oxd_commands.rb', line 136

def get_user_info(access_token)
	if access_token.empty?
		trigger_error("Empty access code sent for get_user_info")
	end
	@command = 'get_user_info'
	@params = {
		"oxd_id" => @configuration.oxd_id,
		"access_token" => access_token,
		"protection_access_token" => @configuration.protection_access_token
	}
	request('get-user-info')
	getResponseData['claims']
end

#introspect_access_token ⇒ OBJECT

method to gain information about an access token

Returns:

  • (OBJECT)

    @response_data



# File 'lib/oxd/client_oxd_commands.rb', line 64

def introspect_access_token
	@command = 'introspect_access_token'
	@params = {
		"oxd_id" => @configuration.oxd_id,
		"access_token" => @configuration.protection_access_token
	}
	request('introspect-access-token')
	getResponseData
end

#oxdConfig ⇒ Object

Returns oxd Configuration object.

Returns:

  • oxd Configuration object



# File 'lib/oxd/client_oxd_commands.rb', line 241

def oxdConfig
	return @configuration
end

#register_params ⇒ HASH

common params to use with register_site and setup_client commands

Returns:

  • (HASH)

    register_params



# File 'lib/oxd/client_oxd_commands.rb', line 229

def register_params
	register_params = {
		"op_host" => @configuration.op_host,
		"application_type" => @configuration.application_type,
		"claims_redirect_uri" => @configuration.claims_redirect_uri,
		"client_id" => @configuration.client_id,
		"client_secret" => @configuration.client_secret,
		"oxd_rp_programming_language" => "ruby"
	}
end

#register_site ⇒ String

method to register the website and generate a unique ID for that website

Returns:

  • (String)

    oxd_id of the registered website



# File 'lib/oxd/client_oxd_commands.rb', line 30

def register_site
	# Check if client is already registered
	# @return registered oxd_id
	if(!@configuration.oxd_id.empty?)
		return @configuration.oxd_id
	else
		@command = 'register_site'
		@params = client_params.merge(register_params)
		@params = @params.merge({"protection_access_token" => @configuration.protection_access_token})
		request('register-site')
		logger("oxd Id from register_site : "+getResponseData['oxd_id'])
		@configuration.oxd_id = getResponseData['oxd_id']
	end
end

#remove_site ⇒ String

method to clean up the website’s information from oxd server.

Returns:

  • (String)

    oxd_id - if site data was cleaned successfully



# File 'lib/oxd/client_oxd_commands.rb', line 192

def remove_site
	@command = 'remove_site'
	@params = {
		"oxd_id" => @configuration.oxd_id,
		"protection_access_token" => @configuration.protection_access_token
	}
	request('remove-site')
	if @response_object['status'] == "ok"
		@configuration.oxd_id = getResponseData['oxd_id']
	end
end

#setup_client ⇒ String

method to setup the client and generate a Client ID, Client Secret for the site

Returns:

  • (String)

    oxd_id of the registered website



# File 'lib/oxd/client_oxd_commands.rb', line 19

def setup_client
	@command = 'setup_client'
	@params = client_params.merge(register_params)
	request('setup-client')
	@configuration.client_id = getResponseData['client_id']
	@configuration.client_secret = getResponseData['client_secret']
	@configuration.oxd_id = getResponseData['oxd_id']
end

#update_site ⇒ Boolean

method to update the website’s information for oxd server. This should be called after changing the values in the oxd_config file.

Returns:

  • (Boolean)

    status - if site registration was updated successfully or not



# File 'lib/oxd/client_oxd_commands.rb', line 171

def update_site
	@command = 'update_site'
	@params = client_params.merge(
		{
			"oxd_id" => @configuration.oxd_id,
			"client_secret_expires_at" => 3080736637943,
			"oxd_rp_programming_language" => "ruby",
			"protection_access_token" => @configuration.protection_access_token
		}
	)
	request('update-site')
	if @response_object['status'] == "ok"
		@configuration.oxd_id = getResponseData['oxd_id']
		return true
	else
		return false
	end
end