Class: SignIn::Logingov::Service
- Inherits: Common::Client::Base
  - Object
  - Common::Client::Base
  - SignIn::Logingov::Service
- Defined in: lib/sign_in/logingov/service.rb
Constant Summary
- SCOPE =
'profile profile:verified_at address email social_security_number openid'
Instance Method Summary
- #normalized_attributes(user_info, credential_level) ⇒ Object
- #render_auth(state: SecureRandom.hex, acr: Constants::Auth::LOGIN_GOV_IAL1, operation: Constants::Auth::AUTHORIZE) ⇒ Object
- #render_logout(client_logout_redirect_uri) ⇒ Object
- #render_logout_redirect(state) ⇒ Object
- #token(code) ⇒ Object
- #user_info(token) ⇒ Object
Methods inherited from Common::Client::Base
configuration, #raise_backend_exception
Methods included from SentryLogging
#log_exception_to_sentry, #log_message_to_sentry, #non_nil_hash?, #normalize_level, #rails_logger
Instance Method Details
#normalized_attributes(user_info, credential_level) ⇒ Object
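# File 'lib/sign_in/logingov/service.rb', line 51

# Flattens a Login.gov userinfo object and a credential level into one
# attribute hash.
#
# The returned hash carries directly identifying data (SSN, birth date,
# name, address, email). Treat it as sensitive: keep it out of log lines
# and error reports.
#
# @param user_info [Object] responds to sub, social_security_number,
#   birthdate, given_name, family_name, address and email
# @param credential_level [Object] responds to current_ial, max_ial and
#   auto_uplevel
# @return [Hash] normalized attributes keyed by symbol
def normalized_attributes(user_info, credential_level)
  {
    logingov_uuid: user_info.sub,
    current_ial: credential_level.current_ial,
    max_ial: credential_level.max_ial,
    # NOTE(review): the published listing read `user_info.&.tr('-', '')`,
    # which does not parse. The attribute name is restored from the
    # `social_security_number` scope this class requests in SCOPE; confirm
    # against the repository. `&.` leaves a missing SSN as nil, and only
    # hyphens are stripped.
    ssn: user_info.social_security_number&.tr('-', ''),
    birth_date: user_info.birthdate,
    first_name: user_info.given_name,
    last_name: user_info.family_name,
    # normalize_address is defined outside this listing.
    address: normalize_address(user_info.address),
    csp_email: user_info.email,
    # Hard-coded: every Login.gov credential is reported as multifactor.
    multifactor: true,
    service_name: config.service_name,
    # get_authn_context is defined outside this listing; it is given the
    # current IAL only.
    authn_context: get_authn_context(credential_level.current_ial),
    auto_uplevel: credential_level.auto_uplevel
  }
end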
#render_auth(state: SecureRandom.hex, acr: Constants::Auth::LOGIN_GOV_IAL1, operation: Constants::Auth::AUTHORIZE) ⇒ Object
# File 'lib/sign_in/logingov/service.rb', line 14

# Builds the redirect that sends the browser to the Login.gov authorization
# endpoint.
#
# @param state [String] value passed on to auth_params; defaults to a fresh
#   SecureRandom.hex
# @param acr [Object] requested assurance level; defaults to
#   Constants::Auth::LOGIN_GOV_IAL1
# @param operation [Object] used only in the log line below; defaults to
#   Constants::Auth::AUTHORIZE
# @return [Object] the result of RedirectUrlGenerator#perform
def render_auth(state: SecureRandom.hex,
                acr: Constants::Auth::LOGIN_GOV_IAL1,
                operation: Constants::Auth::AUTHORIZE)
  # NOTE(review): the raw state value is written to the application log.
  # If state is what ties the callback to this browser session, anyone with
  # log access can read it. Confirm log access is restricted or log a
  # digest instead.
  log_line = '[SignIn][Logingov][Service] Rendering auth, ' \
             "state: #{state}, acr: #{acr}, operation: #{operation}"
  Rails.logger.info(log_line)

  target = auth_url
  query = auth_params(acr, state)
  RedirectUrlGenerator.new(redirect_uri: target, params_hash: query).perform
end
#render_logout(client_logout_redirect_uri) ⇒ Object
# File 'lib/sign_in/logingov/service.rb', line 22

# Builds the Login.gov sign-out URL as a string.
#
# The client's own post-logout URI is not sent as the redirect target. It is
# passed through encode_logout_redirect and handed to sign_out_params as the
# second argument, next to the service's configured logout_redirect_uri.
# Presumably this is the state that render_logout_redirect later decodes;
# verify against the helper definitions.
#
# @param client_logout_redirect_uri [String] where the client wants the
#   browser to land after logout
# @return [String] sign_out_url followed by "?" and the encoded query
def render_logout(client_logout_redirect_uri)
  endpoint = sign_out_url
  service_redirect = config.logout_redirect_uri
  encoded_client_redirect = encode_logout_redirect(client_logout_redirect_uri)
  query = sign_out_params(service_redirect, encoded_client_redirect).to_query

  "#{endpoint}?#{query}"
end
#render_logout_redirect(state) ⇒ Object
# File 'lib/sign_in/logingov/service.rb', line 27

# Decodes the logout state and renders a redirect to the URI stored in it.
#
# The state is expected to be Base64-encoded JSON with a 'logout_redirect'
# key. Base64.decode64 is lenient about malformed input, JSON.parse raises
# on anything that is not JSON, and URI.parse raises when the key is missing
# or the value is not a syntactically valid URI.
#
# NOTE(review): nothing in this method checks where the decoded URI points.
# URI.parse validates syntax only, so the redirect target is whatever the
# state carries. If state reaches this method from a request parameter,
# confirm that the caller, or the code that produced the state, restricts
# 'logout_redirect' to the client's registered logout URIs. Otherwise this
# is an open-redirect surface.
#
# @param state [String] Base64-encoded JSON document
# @return [Object] the result of RedirectUrlGenerator#perform
def render_logout_redirect(state)
  decoded_state = JSON.parse(Base64.decode64(state))
  target = URI.parse(decoded_state['logout_redirect']).to_s

  RedirectUrlGenerator.new(redirect_uri: target).perform
end
#token(code) ⇒ Object
# File 'lib/sign_in/logingov/service.rb', line 33

# Exchanges an authorization code at the configured token path.
#
# @param code [String] authorization code received on the callback
# @return [Object] the result of parse_token_response on the response body
# @note A Common::Client::Errors::ClientError is handed to
#   raise_client_error with the label 'Token'. That helper is defined
#   outside this listing and presumably re-raises.
def token(code)
  json_headers = { 'Content-Type' => 'application/json' }
  token_response = perform(:post, config.token_path, token_params(code), json_headers)

  # NOTE(review): the authorization code is logged verbatim after the
  # exchange succeeds. Confirm the code is single-use at the provider and
  # that log retention and access are acceptable for it.
  Rails.logger.info("[SignIn][Logingov][Service] Token Success, code: #{code}")

  parse_token_response(token_response.body)
rescue Common::Client::Errors::ClientError => e
  raise_client_error(e, 'Token')
end
#user_info(token) ⇒ Object
# File 'lib/sign_in/logingov/service.rb', line 43

# Fetches the userinfo document with a bearer token and wraps it in an
# OpenStruct.
#
# @param token [String] access token sent in the Authorization header
# @return [OpenStruct] the response body exposed through reader methods
# @note A Common::Client::Errors::ClientError is handed to
#   raise_client_error with the label 'UserInfo'. That helper is defined
#   outside this listing and presumably re-raises.
def user_info(token)
  bearer_header = { 'Authorization' => "Bearer #{token}" }
  userinfo_response = perform(:get, config.userinfo_path, nil, bearer_header)

  # NOTE(review): when config.log_credential is set, the whole userinfo body
  # goes to log_credential. With the scopes this class requests, that body
  # can include the SSN, address and email. Confirm the flag stays off
  # outside controlled debugging, or that log_credential redacts.
  if config.log_credential
    log_credential(userinfo_response.body)
  end

  OpenStruct.new(userinfo_response.body)
rescue Common::Client::Errors::ClientError => e
  raise_client_error(e, 'UserInfo')
end