Class: V0::Profile::ConnectedApplicationsController

Inherits:
ApplicationController
Includes:
IgnoreNotFound
Defined in:
app/controllers/v0/profile/connected_applications_controller.rb

Constant Summary

Constants inherited from ApplicationController

ApplicationController::VERSION_STATUS

Constants included from SignIn::Authentication

SignIn::Authentication::BEARER_PATTERN

Constants included from ExceptionHandling

ExceptionHandling::SKIP_SENTRY_EXCEPTION_TYPES

Instance Attribute Summary

Attributes inherited from ApplicationController

#current_user

Instance Method Summary

Methods included from IgnoreNotFound

#skip_sentry_exception_types

Methods inherited from ApplicationController

#clear_saved_form, #cors_preflight, #pagination_params, #render_job_id, #routing_error, #set_csrf_header

Methods included from Traceable

#set_trace_tags

Methods included from SentryControllerLogging

#set_tags_and_extra_context, #tags_context, #user_context

Methods included from SentryLogging

#log_exception_to_sentry, #log_message_to_sentry, #non_nil_hash?, #normalize_level, #rails_logger, #set_sentry_metadata

Methods included from Instrumentation

#append_info_to_payload

Methods included from SignIn::Authentication

#access_token, #access_token_authenticate, #authenticate, #authenticate_access_token, #bearer_token, #cookie_access_token, #handle_authenticate_error, #load_user, #load_user_object, #scrub_bearer_token, #validate_request_ip

Methods included from Headers

#set_app_info_headers

Methods included from ExceptionHandling

#render_errors, #report_mapped_exception, #report_original_exception, #skip_sentry_exception?, #skip_sentry_exception_types

Methods included from AuthenticationAndSSOConcerns

#authenticate, #clear_session, #extend_session!, #load_user, #log_sso_info, #render_unauthorized, #reset_session, #set_api_cookie!, #set_current_user, #set_session_expiration_header, #set_session_object, #sign_in_service_exp_time, #sign_in_service_session, #sso_cookie_content, #sso_logging_info, #validate_inbound_login_params, #validate_session

Methods included from SignIn::AudienceValidator

#authenticate, #validate_audience!

Instance Method Details

#apps_from_grants ⇒ Object



# File 'app/controllers/v0/profile/connected_applications_controller.rb', line 37

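# Fetches the Lighthouse consumer apps the current user has granted access to
# and shapes them into the payload rendered by #index.
#
# The upstream call is best-effort: a non-200 status, an unparseable body or
# any StandardError raised on the way (e.g. a connection failure) yields an
# empty list rather than a 5xx, so the profile page still loads. Such failures
# are reported to Sentry instead of being swallowed silently.
#
# @return [Hash] `{ data: [app, ...] }`, each app built by #build_apps_from_data;
#   `{ data: [] }` on any failure
def apps_from_grants
  url_with_params, headers = build_grant_request(@current_user.icn)
  response = Faraday.get(url_with_params, {}, headers)

  return { data: [] } unless response.status == 200

  # A missing or null 'apps' key is treated as "no apps", not as an error.
  lh_apps = Array(JSON.parse(response.body)['apps'])
  { data: lh_apps.map { |lh_app| build_apps_from_data(lh_app) } }
rescue StandardError => e
  log_exception_to_sentry(e)
  { data: [] }
end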

#build_apps_from_data(lh_app) ⇒ Object (private)



# File 'app/controllers/v0/profile/connected_applications_controller.rb', line 88

# Maps one upstream app record to the resource shape exposed by this API.
#
# Note that the upstream `href` field is what this endpoint exposes as
# `logo`, and `privacyUrl` is always empty: the upstream payload seen here
# carries no privacy URL.
#
# @param lh_app [Hash] one entry of the upstream `apps` array (string keys)
# @return [Hash] string-keyed resource with 'id', 'type' and 'attributes'
def build_apps_from_data(lh_app)
  {
    'id' => lh_app['clientId'],
    'type' => 'lighthouse_consumer_app',
    'attributes' => {
      'title' => lh_app['label'],
      'logo' => lh_app['href'],
      'privacyUrl' => '',
      'grants' => build_grants(lh_app['grants'])
    }
  }
end

#build_grant_request(icn) ⇒ Object (private)



# File 'app/controllers/v0/profile/connected_applications_controller.rb', line 75

# Builds the URL and auth headers for the upstream "list connected apps" call.
#
# The ICN is sent as a query parameter; `URI.encode_www_form` percent-encodes
# it, so its value cannot alter the query string. The API credentials are read
# from Settings and sent in the `apiKey` / `accesskey` headers, never in the URL.
#
# @param icn [String] the current user's ICN
# @return [Array(String, Hash)] the URL with query string, and the headers hash
def build_grant_request(icn)
  config = Settings.connected_apps_api.connected_apps
  query = URI.encode_www_form(icn:)
  auth_headers = { apiKey: config.api_key, accesskey: config.auth_access_key }

  ["#{config.url}?#{query}", auth_headers]
end

#build_grants(grants) ⇒ Object (private)



# File 'app/controllers/v0/profile/connected_applications_controller.rb', line 100

# Converts the upstream grant records of one app into this API's grant shape.
#
# `id` is always empty: the upstream grant record seen here carries no
# identifier of its own.
#
# @param grants [Array<Hash>] upstream grants (string keys)
# @return [Array<Hash>] symbol-keyed hashes with :title, :id and :created
def build_grants(grants)
  grants.map do |grant|
    title, created = grant.values_at('scopeTitle', 'connectionDate')
    { title:, id: '', created: }
  end
end

#build_revocation_request(icn, client_id) ⇒ Object (private)



# File 'app/controllers/v0/profile/connected_applications_controller.rb', line 62

# Builds the URL and auth headers for the upstream "revoke grant" call.
#
# Both the ICN and the caller-supplied client id go into the query string via
# `URI.encode_www_form`, which percent-encodes them so neither value can
# alter the query. Credentials travel in the `apiKey` / `accesskey` headers.
#
# @param icn [String] the current user's ICN
# @param client_id [String] id of the app whose grant is revoked
# @return [Array(String, Hash)] the URL with query string, and the headers hash
def build_revocation_request(icn, client_id)
  config = Settings.connected_apps_api.connected_apps
  query = URI.encode_www_form(icn:, clientId: client_id)
  auth_headers = { apiKey: config.api_key, accesskey: config.auth_access_key }

  ["#{config.revoke_url}?#{query}", auth_headers]
end

#connected_accounts_params ⇒ Object (private)



# File 'app/controllers/v0/profile/connected_applications_controller.rb', line 110

# Strong-parameter whitelist for this controller: only `id` (the client id of
# the app to revoke) is accepted from the request.
def connected_accounts_params = params.permit(:id)

#destroy ⇒ Object



# File 'app/controllers/v0/profile/connected_applications_controller.rb', line 13

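# Revokes the current user's grant for one Lighthouse consumer app.
#
# The ICN always comes from the authenticated user, never from the request,
# so a caller can only revoke its own grants; the only caller-supplied value
# is the client id from the permitted `id` param.
#
# Responses:
# - 204 when the upstream revocation endpoint answers 204
# - 400 when the ICN or client id is missing or blank (a 200 here would read
#   as success to the client)
# - 422 on any other upstream status or a raised error (e.g. a connection
#   failure); the error is reported to Sentry so it is not lost
def destroy
  icn = @current_user.icn
  client_id = connected_accounts_params[:id]

  if icn.blank? || client_id.blank?
    render json: { error: 'icn and/or clientId is missing' }, status: :bad_request
    return
  end

  url_with_params, headers = build_revocation_request(icn, client_id)
  # Same answer for a non-204 status and a raised error: from the client's
  # point of view nothing was revoked either way.
  failure = { json: { error: 'Something went wrong cannot revoke grants' }, status: :unprocessable_entity }

  begin
    response = Faraday.delete(url_with_params, nil, headers)

    if response.status == 204
      head :no_content
    else
      render(**failure)
    end
  rescue StandardError => e
    log_exception_to_sentry(e)
    render(**failure)
  end
end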

#index ⇒ Object



# File 'app/controllers/v0/profile/connected_applications_controller.rb', line 9

# GET action: renders the current user's connected apps as JSON.
# The payload (including the empty-list fallback) comes from #apps_from_grants.
def index = render(json: apps_from_grants)