Class: Rack::OAuth2::Client

Inherits:
Object
  • Object
show all
Includes:
AttrOptional, AttrRequired
Defined in:
lib/rack/oauth2/client.rb,
lib/rack/oauth2/client/error.rb,
lib/rack/oauth2/client/grant.rb,
lib/rack/oauth2/client/grant/password.rb,
lib/rack/oauth2/client/grant/jwt_bearer.rb,
lib/rack/oauth2/client/grant/saml2_bearer.rb,
lib/rack/oauth2/client/grant/refresh_token.rb,
lib/rack/oauth2/client/grant/token_exchange.rb,
lib/rack/oauth2/client/grant/authorization_code.rb,
lib/rack/oauth2/client/grant/client_credentials.rb

Defined Under Namespace

Classes: Error, Grant

Instance Method Summary collapse

Constructor Details

#initialize(attributes = {}) ⇒ Client

Returns a new instance of Client.



8
9
10
11
12
13
14
15
16
# File 'lib/rack/oauth2/client.rb', line 8

def initialize(attributes = {})
  (required_attributes + optional_attributes).each do |key|
    self.send :"#{key}=", attributes[key]
  end
  @grant = Grant::ClientCredentials.new
  @authorization_endpoint ||= '/oauth2/authorize'
  @token_endpoint ||= '/oauth2/token'
  attr_missing!
end

Instance Method Details

#access_token!(*args) ⇒ Object



71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# File 'lib/rack/oauth2/client.rb', line 71

def access_token!(*args)
  headers, params = {}, @grant.as_json

  # NOTE:
  #  Using Array#estract_options! for backward compatibility.
  #  Until v1.0.5, the first argument was 'client_auth_method' in scalar.
  options = args.extract_options!
  client_auth_method = args.first || options.delete(:client_auth_method) || :basic

  params[:scope] = Array(options.delete(:scope)).join(' ') if options[:scope].present?
  params.merge! options

  case client_auth_method
  when :basic
    cred = ["#{identifier}:#{secret}"].pack('m').tr("\n", '')
    headers.merge!(
      'Authorization' => "Basic #{cred}"
    )
  when :jwt_bearer
    params.merge!(
      client_assertion_type: URN::ClientAssertionType::JWT_BEARER
    )
    # NOTE: optionally auto-generate client_assertion.
    if params[:client_assertion].blank?
      require 'json/jwt'
      params[:client_assertion] = JSON::JWT.new(
        iss: identifier,
        sub: identifier,
        aud: absolute_uri_for(token_endpoint),
        jti: SecureRandom.hex(16),
        iat: Time.now,
        exp: 3.minutes.from_now
      ).sign(private_key || secret).to_s
    end
  when :saml2_bearer
    params.merge!(
      client_assertion_type: URN::ClientAssertionType::SAML2_BEARER
    )
  else
    params.merge!(
      client_id: identifier,
      client_secret: secret
    )
  end
  handle_response do
    Rack::OAuth2.http_client.post(
      absolute_uri_for(token_endpoint),
      Util.compact_hash(params),
      headers
    )
  end
end

#authorization_code=(code) ⇒ Object



28
29
30
31
32
33
# File 'lib/rack/oauth2/client.rb', line 28

def authorization_code=(code)
  @grant = Grant::AuthorizationCode.new(
    code: code,
    redirect_uri: self.redirect_uri
  )
end

#authorization_uri(params = {}) ⇒ Object



18
19
20
21
22
23
24
25
26
# File 'lib/rack/oauth2/client.rb', line 18

def authorization_uri(params = {})
  params[:response_type] ||= :code
  params[:response_type] = Array(params[:response_type]).join(' ')
  params[:scope] = Array(params[:scope]).join(' ')
  Util.redirect_uri absolute_uri_for(authorization_endpoint), :query, params.merge(
    client_id: self.identifier,
    redirect_uri: self.redirect_uri
  )
end

#force_token_type!(token_type) ⇒ Object



67
68
69
# File 'lib/rack/oauth2/client.rb', line 67

def force_token_type!(token_type)
  @forced_token_type = token_type.to_s
end

#jwt_bearer=(assertion) ⇒ Object



48
49
50
51
52
# File 'lib/rack/oauth2/client.rb', line 48

def jwt_bearer=(assertion)
  @grant = Grant::JWTBearer.new(
    assertion: assertion
  )
end

#refresh_token=(token) ⇒ Object



42
43
44
45
46
# File 'lib/rack/oauth2/client.rb', line 42

def refresh_token=(token)
  @grant = Grant::RefreshToken.new(
    refresh_token: token
  )
end

#resource_owner_credentials=(credentials) ⇒ Object



35
36
37
38
39
40
# File 'lib/rack/oauth2/client.rb', line 35

def resource_owner_credentials=(credentials)
  @grant = Grant::Password.new(
    username: credentials.first,
    password: credentials.last
  )
end

#saml2_bearer=(assertion) ⇒ Object



54
55
56
57
58
# File 'lib/rack/oauth2/client.rb', line 54

def saml2_bearer=(assertion)
  @grant = Grant::SAML2Bearer.new(
    assertion: assertion
  )
end

#subject_token=(subject_token, subject_token_type = URN::TokenType::JWT) ⇒ Object



60
61
62
63
64
65
# File 'lib/rack/oauth2/client.rb', line 60

def subject_token=(subject_token, subject_token_type = URN::TokenType::JWT)
  @grant = Grant::TokenExchange.new(
    subject_token: subject_token,
    subject_token_type: subject_token_type
  )
end