Module: SMARTAppLaunch::TokenPayloadValidation
- Defined in:
- lib/smart_app_launch/token_payload_validation.rb
Constant Summary
- STRING_FIELDS =
['access_token', 'token_type', 'scope', 'refresh_token'].freeze
- NUMERIC_FIELDS =
['expires_in'].freeze
Instance Method Summary
- #check_for_missing_scopes(requested_scopes, body) ⇒ Object
- #validate_required_fields_present(body, required_fields) ⇒ Object
- #validate_scope_subset(received_scopes, original_scopes) ⇒ Object
- #validate_token_field_types(body) ⇒ Object
- #validate_token_type(body) ⇒ Object
Instance Method Details
#check_for_missing_scopes(requested_scopes, body) ⇒ Object
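# File 'lib/smart_app_launch/token_payload_validation.rb', line 17

# Reports requested scopes that are absent from the token response.
#
# Scopes are compared as exact whitespace-separated tokens. The assertion is
# wrapped in `warning`; both `warning` and `assert` come from the including
# class and are not shown here. Presumably `warning` downgrades the failed
# assertion to a warning rather than failing the test; confirm against the
# test framework.
#
# @param requested_scopes [String] space-separated scopes the client requested
# @param body [Hash] parsed token response
def check_for_missing_scopes(requested_scopes, body)
  expected_scopes = requested_scopes.split

  # The token response is produced by the server under test. A missing or
  # non-String `scope` is treated as "no scopes granted" so every requested
  # scope is reported, instead of raising NoMethodError on `nil.split`.
  granted = body['scope']
  new_scopes = granted.is_a?(String) ? granted.split : []
  missing_scopes = expected_scopes - new_scopes

  warning do
    missing_scopes_string = missing_scopes.map { |scope| "`#{scope}`" }.join(', ')
    assert missing_scopes.empty?, %(
      Token exchange response did not include all requested scopes.
      These may have been denied by user: #{missing_scopes_string}.
    )
  end
end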
#validate_required_fields_present(body, required_fields) ⇒ Object
# File 'lib/smart_app_launch/token_payload_validation.rb', line 6

# Asserts that every required field carries a non-blank value in the token
# response.
#
# A field counts as missing when `blank?` is true for its value, so `nil`,
# empty strings and other blank values are all reported. `blank?` and `assert`
# are supplied outside this method (not shown here).
#
# @param body [Hash] parsed token response
# @param required_fields [Array<String>] field names that must be present
def validate_required_fields_present(body, required_fields)
  absent = required_fields.select { |name| body[name].blank? }
  quoted = absent.map { |name| "`#{name}`" }

  assert(
    absent.empty?,
    "Token exchange response did not include all required fields: #{quoted.join(', ')}."
  )
end
#validate_scope_subset(received_scopes, original_scopes) ⇒ Object
# File 'lib/smart_app_launch/token_payload_validation.rb', line 31

# Asserts that a token response does not carry scopes beyond those granted to
# the original access token.
#
# Both arguments are split on whitespace and compared token by token, so a
# received scope passes only if the identical string appears in the original
# grant.
# NOTE(review): because the comparison is exact, a narrower scope that is not
# textually present in the original grant is reported as extra. Confirm this
# is the intended strictness.
#
# @param received_scopes [String] space-separated scopes in the new token response
# @param original_scopes [String] space-separated scopes of the original grant
def validate_scope_subset(received_scopes, original_scopes)
  received = received_scopes.split
  allowed = original_scopes.split
  unexpected = received.reject { |scope| allowed.include?(scope) }

  message = 'Token response contained scopes which are not a subset of the scope granted to the ' \
            "original access token: #{unexpected.join(', ')}"
  assert unexpected.empty?, message
end
#validate_token_field_types(body) ⇒ Object
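# File 'lib/smart_app_launch/token_payload_validation.rb', line 37

# Asserts that the token response fields listed in STRING_FIELDS are Strings
# and those listed in NUMERIC_FIELDS are Numerics.
#
# Only `nil` (absent or JSON null) is skipped. Any other value is type-checked,
# including blank ones such as `false`, `[]`, `{}` or `""`. Skipping on
# `present?` would let a blank value of the wrong type (for example
# `"expires_in": ""` or `"scope": []`) pass validation unchecked.
#
# @param body [Hash] parsed token response
def validate_token_field_types(body)
  { String => STRING_FIELDS, Numeric => NUMERIC_FIELDS }.each do |expected_type, fields|
    fields.each do |field|
      value = body[field]
      next if value.nil?

      assert value.is_a?(expected_type),
             "Expected `#{field}` to be a #{expected_type.name}, but found #{value.class.name}"
    end
  end
end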
#validate_token_type(body) ⇒ Object
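# File 'lib/smart_app_launch/token_payload_validation.rb', line 13

# Asserts that the token response's `token_type` is `bearer`, compared
# case-insensitively.
#
# The value comes from the server under test, so a missing or non-String
# `token_type` is reported as an assertion failure with the same message
# instead of raising NoMethodError on `casecmp`.
#
# @param body [Hash] parsed token response
def validate_token_type(body)
  token_type = body['token_type']
  is_bearer = token_type.is_a?(String) && token_type.casecmp('bearer').zero?

  assert is_bearer, '`token_type` must be `bearer`'
end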