Module: Doorkeeper::AccessTokenMixin
- Extended by:
- ActiveSupport::Concern
- Includes:
- Models::Accessible, Models::Expirable, Models::ExpirationTimeSqlMath, Models::Orderable, Models::ResourceOwnerable, Models::Reusable, Models::Revocable, Models::Scopes, Models::SecretStorable, OAuth::Helpers
- Defined in:
- lib/doorkeeper/models/access_token_mixin.rb
Defined Under Namespace
Modules: ClassMethods
Constant Summary
Constants included from Models::ExpirationTimeSqlMath
Models::ExpirationTimeSqlMath::ADAPTERS_MAPPING
Instance Method Summary collapse
-
#acceptable?(scopes) ⇒ Boolean
Indicates if token is acceptable for specific scopes.
-
#as_json(_options = {}) ⇒ Hash
JSON representation of the Access Token instance.
-
#plaintext_refresh_token ⇒ Object
We keep a volatile copy of the raw refresh token for initial communication The stored refresh_token may be mapped and not available in cleartext.
-
#plaintext_token ⇒ Object
We keep a volatile copy of the raw token for initial communication The stored refresh_token may be mapped and not available in cleartext.
-
#revoke_previous_refresh_token! ⇒ Object
Revokes token with ‘:refresh_token` equal to `:previous_refresh_token` and clears `:previous_refresh_token` attribute.
-
#same_credential?(access_token) ⇒ Boolean
Indicates whether the token instance have the same credential as the other Access Token.
-
#same_resource_owner?(access_token) ⇒ Boolean
Indicates whether the token instance have the same credential as the other Access Token.
-
#token_type ⇒ Object
Access Token type: Bearer.
- #use_refresh_token? ⇒ Boolean
Methods included from Models::Scopes
#includes_scope?, #scopes, #scopes=, #scopes_string
Methods included from Models::Accessible
Methods included from Models::Revocable
Methods included from Models::Reusable
Methods included from Models::Expirable
#expired?, #expires_at, #expires_in_seconds
Instance Method Details
#acceptable?(scopes) ⇒ Boolean
Indicates if token is acceptable for specific scopes.
345 346 347 |
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 345 def acceptable?(scopes) accessible? && includes_scope?(*scopes) end |
#as_json(_options = {}) ⇒ Hash
JSON representation of the Access Token instance.
297 298 299 300 301 302 303 304 305 306 307 308 309 |
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 297 def as_json( = {}) { resource_owner_id: resource_owner_id, scope: scopes, expires_in: expires_in_seconds, application: { uid: application.try(:uid) }, created_at: created_at.to_i, }.tap do |json| if Doorkeeper.configuration.polymorphic_resource_owner? json[:resource_owner_type] = resource_owner_type end end end |
#plaintext_refresh_token ⇒ Object
We keep a volatile copy of the raw refresh token for initial communication The stored refresh_token may be mapped and not available in cleartext.
351 352 353 354 355 356 357 |
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 351 def plaintext_refresh_token if secret_strategy.allows_restoring_secrets? secret_strategy.restore_secret(self, :refresh_token) else @raw_refresh_token end end |
#plaintext_token ⇒ Object
We keep a volatile copy of the raw token for initial communication The stored refresh_token may be mapped and not available in cleartext.
Some strategies allow restoring stored secrets (e.g. symmetric encryption) while hashing strategies do not, so you cannot rely on this value returning a present value for persisted tokens.
365 366 367 368 369 370 371 |
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 365 def plaintext_token if secret_strategy.allows_restoring_secrets? secret_strategy.restore_secret(self, :token) else @raw_token end end |
#revoke_previous_refresh_token! ⇒ Object
Revokes token with ‘:refresh_token` equal to `:previous_refresh_token` and clears `:previous_refresh_token` attribute.
376 377 378 379 380 381 |
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 376 def revoke_previous_refresh_token! return if !self.class.refresh_token_revoked_on_use? || previous_refresh_token.blank? old_refresh_token&.revoke update_attribute(:previous_refresh_token, "") end |
#same_credential?(access_token) ⇒ Boolean
Indicates whether the token instance have the same credential as the other Access Token.
318 319 320 321 |
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 318 def same_credential?(access_token) application_id == access_token.application_id && same_resource_owner?(access_token) end |
#same_resource_owner?(access_token) ⇒ Boolean
Indicates whether the token instance have the same credential as the other Access Token.
330 331 332 333 334 335 336 |
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 330 def same_resource_owner?(access_token) if Doorkeeper.configuration.polymorphic_resource_owner? resource_owner == access_token.resource_owner else resource_owner_id == access_token.resource_owner_id end end |
#token_type ⇒ Object
Access Token type: Bearer.
285 286 287 |
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 285 def token_type "Bearer" end |
#use_refresh_token? ⇒ Boolean
289 290 291 292 |
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 289 def use_refresh_token? @use_refresh_token ||= false !!@use_refresh_token end |