Class: SignIn::SessionSpawner
- Inherits:
-
Object
- Object
- SignIn::SessionSpawner
- Includes:
- ActiveModel::Validations
- Defined in:
- app/services/sign_in/session_spawner.rb
Instance Attribute Summary collapse
-
#client_config ⇒ Object
readonly
Returns the value of attribute client_config.
-
#credential_email ⇒ Object
readonly
Returns the value of attribute credential_email.
-
#hashed_device_secret ⇒ Object
readonly
Returns the value of attribute hashed_device_secret.
-
#refresh_creation ⇒ Object
readonly
Returns the value of attribute refresh_creation.
-
#user_attributes ⇒ Object
readonly
Returns the value of attribute user_attributes.
-
#user_verification ⇒ Object
readonly
Returns the value of attribute user_verification.
Instance Method Summary collapse
- #anti_csrf_token ⇒ Object private
- #create_new_access_token ⇒ Object private
- #create_new_refresh_token(parent_refresh_token_hash: nil) ⇒ Object private
- #create_new_session ⇒ Object private
- #double_parent_refresh_token_hash ⇒ Object private
- #get_hash(object) ⇒ Object private
- #handle ⇒ Object private
-
#initialize(current_session:, new_session_client_config:) ⇒ SessionSpawner
constructor
A new instance of SessionSpawner.
- #last_regeneration_time ⇒ Object private
- #parent_refresh_token_hash ⇒ Object private
- #perform ⇒ Object
- #refresh_expiration_time ⇒ Object private
- #refresh_token ⇒ Object private
- #refresh_token_hash ⇒ Object private
- #user_uuid ⇒ Object private
- #validate_credential_lock! ⇒ Object private
- #validate_terms_of_use! ⇒ Object private
Constructor Details
#initialize(current_session:, new_session_client_config:) ⇒ SessionSpawner
Returns a new instance of SessionSpawner.
17 18 19 20 21 22 23 24 |
# File 'app/services/sign_in/session_spawner.rb', line 17 def initialize(current_session:, new_session_client_config:) @credential_email = current_session.credential_email @user_verification = current_session.user_verification @user_attributes = current_session.user_attributes @client_config = new_session_client_config @hashed_device_secret = current_session.hashed_device_secret @refresh_creation = current_session.refresh_creation end |
Instance Attribute Details
#client_config ⇒ Object (readonly)
Returns the value of attribute client_config.
7 8 9 |
# File 'app/services/sign_in/session_spawner.rb', line 7 def client_config @client_config end |
#credential_email ⇒ Object (readonly)
Returns the value of attribute credential_email.
7 8 9 |
# File 'app/services/sign_in/session_spawner.rb', line 7 def credential_email @credential_email end |
#hashed_device_secret ⇒ Object (readonly)
Returns the value of attribute hashed_device_secret.
7 8 9 |
# File 'app/services/sign_in/session_spawner.rb', line 7 def hashed_device_secret @hashed_device_secret end |
#refresh_creation ⇒ Object (readonly)
Returns the value of attribute refresh_creation.
7 8 9 |
# File 'app/services/sign_in/session_spawner.rb', line 7 def refresh_creation @refresh_creation end |
#user_attributes ⇒ Object (readonly)
Returns the value of attribute user_attributes.
7 8 9 |
# File 'app/services/sign_in/session_spawner.rb', line 7 def user_attributes @user_attributes end |
#user_verification ⇒ Object (readonly)
Returns the value of attribute user_verification.
7 8 9 |
# File 'app/services/sign_in/session_spawner.rb', line 7 def user_verification @user_verification end |
Instance Method Details
#anti_csrf_token ⇒ Object (private)
50 51 52 |
# File 'app/services/sign_in/session_spawner.rb', line 50 def anti_csrf_token @anti_csrf_token ||= SecureRandom.hex end |
#create_new_access_token ⇒ Object (private)
70 71 72 73 74 75 76 77 78 79 80 81 82 |
# File 'app/services/sign_in/session_spawner.rb', line 70 def create_new_access_token AccessToken.new( session_handle: handle, client_id: client_config.client_id, user_uuid:, audience: AccessTokenAudienceGenerator.new(client_config:).perform, refresh_token_hash:, parent_refresh_token_hash:, anti_csrf_token:, last_regeneration_time:, user_attributes: JSON.parse(user_attributes) ) end |
#create_new_refresh_token(parent_refresh_token_hash: nil) ⇒ Object (private)
84 85 86 87 88 89 90 91 |
# File 'app/services/sign_in/session_spawner.rb', line 84 def create_new_refresh_token(parent_refresh_token_hash: nil) RefreshToken.new( session_handle: handle, user_uuid:, parent_refresh_token_hash:, anti_csrf_token: ) end |
#create_new_session ⇒ Object (private)
93 94 95 96 97 98 99 100 101 102 103 104 105 106 |
# File 'app/services/sign_in/session_spawner.rb', line 93 def create_new_session OAuthSession.create!( user_account: user_verification.user_account, user_verification:, client_id: client_config.client_id, credential_email:, handle:, hashed_refresh_token: double_parent_refresh_token_hash, refresh_expiration: refresh_expiration_time, refresh_creation:, user_attributes:, hashed_device_secret: ) end |
#double_parent_refresh_token_hash ⇒ Object (private)
58 59 60 |
# File 'app/services/sign_in/session_spawner.rb', line 58 def double_parent_refresh_token_hash @double_parent_refresh_token_hash ||= get_hash(parent_refresh_token_hash) end |
#get_hash(object) ⇒ Object (private)
116 117 118 |
# File 'app/services/sign_in/session_spawner.rb', line 116 def get_hash(object) Digest::SHA256.hexdigest(object) end |
#handle ⇒ Object (private)
124 125 126 |
# File 'app/services/sign_in/session_spawner.rb', line 124 def handle @handle ||= SecureRandom.uuid end |
#last_regeneration_time ⇒ Object (private)
112 113 114 |
# File 'app/services/sign_in/session_spawner.rb', line 112 def last_regeneration_time @last_regeneration_time ||= Time.zone.now end |
#parent_refresh_token_hash ⇒ Object (private)
66 67 68 |
# File 'app/services/sign_in/session_spawner.rb', line 66 def parent_refresh_token_hash @parent_refresh_token_hash ||= get_hash(create_new_refresh_token.to_json) end |
#perform ⇒ Object
26 27 28 29 30 31 32 33 34 35 36 |
# File 'app/services/sign_in/session_spawner.rb', line 26 def perform validate! SessionContainer.new( session: create_new_session, refresh_token:, access_token: create_new_access_token, anti_csrf_token:, client_config: ) end |
#refresh_expiration_time ⇒ Object (private)
108 109 110 |
# File 'app/services/sign_in/session_spawner.rb', line 108 def refresh_expiration_time @refresh_expiration_time ||= last_regeneration_time + client_config.refresh_token_duration end |
#refresh_token ⇒ Object (private)
54 55 56 |
# File 'app/services/sign_in/session_spawner.rb', line 54 def refresh_token @refresh_token ||= create_new_refresh_token(parent_refresh_token_hash:) end |
#refresh_token_hash ⇒ Object (private)
62 63 64 |
# File 'app/services/sign_in/session_spawner.rb', line 62 def refresh_token_hash @refresh_token_hash ||= get_hash(refresh_token.to_json) end |
#user_uuid ⇒ Object (private)
120 121 122 |
# File 'app/services/sign_in/session_spawner.rb', line 120 def user_uuid @user_uuid ||= user_verification.backing_credential_identifier end |
#validate_credential_lock! ⇒ Object (private)
40 41 42 |
# File 'app/services/sign_in/session_spawner.rb', line 40 def validate_credential_lock! raise SignIn::Errors::CredentialLockedError.new message: 'Credential is locked' if user_verification.locked end |
#validate_terms_of_use! ⇒ Object (private)
44 45 46 47 48 |
# File 'app/services/sign_in/session_spawner.rb', line 44 def validate_terms_of_use! if client_config.enforced_terms.present? && user_verification.user_account.needs_accepted_terms_of_use? raise Errors::TermsOfUseNotAcceptedError.new message: 'Terms of Use has not been accepted' end end |