Module: PublishingPlatform::SSO::BearerToken

Defined in:: lib/publishing_platform_sso/bearer_token.rb

Class Method Summary collapse

.locate(token_string) ⇒ Object
.oauth_client ⇒ Object
.omniauth_style_response(response_body) ⇒ Object

Our User code assumes we’re getting our user data back via omniauth and so receiving it in omniauth’s preferred structure.

Class Method Details

.locate(token_string) ⇒ `Object`

# File 'lib/publishing_platform_sso/bearer_token.rb', line 7

def self.locate(token_string)
  user_details = PublishingPlatform::SSO::Config.cache.fetch(["api-user-cache", token_string], expires_in: 5.minutes) do
    access_token = OAuth2::AccessToken.new(oauth_client, token_string)
    response_body = access_token.get("/user.json?client_id=#{CGI.escape(PublishingPlatform::SSO::Config.oauth_id)}").body
    omniauth_style_response(response_body)
  end

  PublishingPlatform::SSO::Config.user_klass.find_for_oauth(user_details)
rescue OAuth2::Error
  nil
end

.oauth_client ⇒ `Object`

# File 'lib/publishing_platform_sso/bearer_token.rb', line 19

def self.oauth_client
  @oauth_client ||= OAuth2::Client.new(
    PublishingPlatform::SSO::Config.oauth_id,
    PublishingPlatform::SSO::Config.oauth_secret,
    site: PublishingPlatform::SSO::Config.oauth_root_url,
    connection_opts: {
      headers: {
        user_agent: "publishing_platform_sso/#{PublishingPlatform::SSO::VERSION} (#{ENV['PUBLISHING_PLATFORM_APP_NAME']})",
      },
    }.merge(PublishingPlatform::SSO::Config.connection_opts),
  )
end

.omniauth_style_response(response_body) ⇒ `Object`

Our User code assumes we’re getting our user data back via omniauth and so receiving it in omniauth’s preferred structure. Here we’re addressing signon directly so we need to transform the response ourselves.

# File 'lib/publishing_platform_sso/bearer_token.rb', line 36

def self.omniauth_style_response(response_body)
  input = JSON.parse(response_body).fetch("user")

  {
    "uid" => input["uid"],
    "info" => {
      "email" => input["email"],
      "name" => input["name"],
    },
    "extra" => {
      "user" => {
        "permissions" => input["permissions"],
        "organisation_slug" => input["organisation_slug"],
        "organisation_content_id" => input["organisation_content_id"],
      },
    },
  }
end

Module: PublishingPlatform::SSO::BearerToken

Class Method Summary collapse

Class Method Details

.locate(token_string) ⇒ Object

.oauth_client ⇒ Object

.omniauth_style_response(response_body) ⇒ Object

.locate(token_string) ⇒ `Object`

.oauth_client ⇒ `Object`

.omniauth_style_response(response_body) ⇒ `Object`