Module: SSO::Server::Passports
- Extended by:
- Logging
- Defined in:
- lib/sso/server/passports.rb,
lib/sso/server/passports/activity.rb
Overview
This is the one interaction point with persisting and querying Passports.
Defined Under Namespace
Classes: Activity
Class Method Summary
collapse
Methods included from Logging
debug, error, fatal, info, logger, progname, warn
Class Method Details
.find(id) ⇒ Object
7
8
9
10
11
12
13
14
15
16
17
18
|
# File 'lib/sso/server/passports.rb', line 7
def self.find(id)
record = backend.find_by_id(id)
if record
Operations.success(:record_found, object: record)
else
Operations.failure :record_not_found
end
rescue => exception
Operations.failure :backend_error, object: exception
end
|
.find_by_access_token_id(id) ⇒ Object
20
21
22
23
24
25
26
27
28
|
# File 'lib/sso/server/passports.rb', line 20
def self.find_by_access_token_id(id)
record = backend.where(revoked_at: nil).find_by_oauth_access_token_id(id)
if record
Operations.success(:record_found, object: record)
else
Operations.failure :record_not_found
end
end
|
.generate(owner_id:, ip:, agent:, device: nil) ⇒ Object
30
31
32
33
34
35
36
37
38
39
40
41
|
# File 'lib/sso/server/passports.rb', line 30
def self.generate(owner_id:, ip:, agent:, device: nil)
debug { "Generating Passport for user ID #{owner_id.inspect} and IP #{ip.inspect} and Agent #{agent.inspect} and Device #{device.inspect}" }
record = backend.create owner_id: owner_id, ip: ip, agent: agent, device: device
if record.persisted?
debug { "Successfully generated passport with ID #{record.id}" }
Operations.success :generation_successful, object: record.id
else
Operations.failure :persistence_failed, object: record.errors.to_hash
end
end
|
.logout(passport_id:) ⇒ Object
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
# File 'lib/sso/server/passports.rb', line 90
def self.logout(passport_id:)
return Operations.failure(:missing_passport_id) if passport_id.blank?
debug { "Logging out Passport with ID #{passport_id.inspect}" }
record = backend.find_by_id passport_id
return Operations.success(:passport_does_not_exist) unless record
return Operations.success(:passport_already_revoked) if record.revoked_at
if record.update_attributes revoked_at: Time.now, revoke_reason: :logout
Operations.success :passport_revoked
else
Operations.failure :backend_could_not_revoke_passport
end
end
|
.register_access_token_from_grant(grant_token:, access_token:) ⇒ Object
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
# File 'lib/sso/server/passports.rb', line 61
def self.register_access_token_from_grant(grant_token:, access_token:)
access_grant = find_valid_access_grant(grant_token) { |failure| return failure }
access_token = find_valid_access_token(access_token) { |failure| return failure }
record = find_valid_passport_by_grant_id(access_grant.id) { |failure| return failure }
is_insider = access_token.scopes.include? 'insider'
if record.update_attributes oauth_access_token_id: access_token.id, insider: is_insider
debug { "Successfully augmented Passport #{record.id} with Access Token ID #{access_token.id} which is #{access_token.token}" }
Operations.success :passport_known_by_grant_augmented_with_access_token
else
Operations.failure :could_not_augment_passport_known_by_grant_with_access_token
end
end
|
.register_access_token_from_id(passport_id:, access_token:) ⇒ Object
76
77
78
79
80
81
82
83
84
85
86
87
88
|
# File 'lib/sso/server/passports.rb', line 76
def self.register_access_token_from_id(passport_id:, access_token:)
access_token = find_valid_access_token(access_token) { |failure| return failure }
record = find_valid_passport(passport_id) { |failure| return failure }
is_insider = access_token.scopes.include? 'insider'
if record.update_attributes oauth_access_token_id: access_token.id, insider: is_insider
debug { "Successfully augmented #{is_insider ? :insider : :outsider} Passport #{record.id} with Access Token ID #{access_token.id} which is #{access_token.token}" }
Operations.success :passport_augmented_with_access_token
else
Operations.failure :could_not_augment_passport_with_access_token
end
end
|
.register_authorization_grant(passport_id:, token:) ⇒ Object
49
50
51
52
53
54
55
56
57
58
59
|
# File 'lib/sso/server/passports.rb', line 49
def self.register_authorization_grant(passport_id:, token:)
record = find_valid_passport(passport_id) { |failure| return failure }
access_grant = find_valid_access_grant(token) { |failure| return failure }
if record.update_attribute :oauth_access_grant_id, access_grant.id
debug { "Successfully augmented Passport #{record.id} with Authorization Grant ID #{access_grant.id} which is #{access_grant.token}" }
Operations.success :passport_augmented_with_access_token
else
Operations.failure :could_not_augment_passport_with_access_token
end
end
|
.update_activity(passport_id:, request:) ⇒ Object
43
44
45
46
47
|
# File 'lib/sso/server/passports.rb', line 43
def self.update_activity(passport_id:, request:)
record = find_valid_passport(passport_id) { |failure| return failure }
::SSO::Server::Passports::Activity.new(passport: record, request: request).call
end
|