Module: Doorkeeper::AccessTokenMixin

Extended by:
ActiveSupport::Concern
Includes:
Models::Accessible, Models::Expirable, Models::Orderable, Models::ResourceOwnerable, Models::Reusable, Models::Revocable, Models::Scopes, Models::SecretStorable, OAuth::Helpers
Defined in:
lib/doorkeeper/models/access_token_mixin.rb

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary collapse

Methods included from Models::Scopes

#includes_scope?, #scopes, #scopes=, #scopes_string

Methods included from Models::Accessible

#accessible?

Methods included from Models::Revocable

#revoke, #revoked?

Methods included from Models::Reusable

#reusable?

Methods included from Models::Expirable

#expired?, #expires_at, #expires_in_seconds

Instance Method Details

#acceptable?(scopes) ⇒ Boolean

Indicates if token is acceptable for specific scopes.

Parameters:

  • scopes (Array<String>)

    scopes

Returns:

  • (Boolean)

    true if record is accessible and includes scopes or false in other cases


345
346
347
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 345

def acceptable?(scopes)
  accessible? && includes_scope?(*scopes)
end

#as_json(_options = {}) ⇒ Hash

JSON representation of the Access Token instance.

Returns:

  • (Hash)

    hash with token data


297
298
299
300
301
302
303
304
305
306
307
308
309
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 297

def as_json(_options = {})
  {
    resource_owner_id: resource_owner_id,
    scope: scopes,
    expires_in: expires_in_seconds,
    application: { uid: application.try(:uid) },
    created_at: created_at.to_i,
  }.tap do |json|
    if Doorkeeper.configuration.polymorphic_resource_owner?
      json[:resource_owner_type] = resource_owner_type
    end
  end
end

#plaintext_refresh_tokenObject

We keep a volatile copy of the raw refresh token for initial communication The stored refresh_token may be mapped and not available in cleartext.


351
352
353
354
355
356
357
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 351

def plaintext_refresh_token
  if secret_strategy.allows_restoring_secrets?
    secret_strategy.restore_secret(self, :refresh_token)
  else
    @raw_refresh_token
  end
end

#plaintext_tokenObject

We keep a volatile copy of the raw token for initial communication The stored refresh_token may be mapped and not available in cleartext.

Some strategies allow restoring stored secrets (e.g. symmetric encryption) while hashing strategies do not, so you cannot rely on this value returning a present value for persisted tokens.


365
366
367
368
369
370
371
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 365

def plaintext_token
  if secret_strategy.allows_restoring_secrets?
    secret_strategy.restore_secret(self, :token)
  else
    @raw_token
  end
end

#revoke_previous_refresh_token!Object

Revokes token with `:refresh_token` equal to `:previous_refresh_token` and clears `:previous_refresh_token` attribute.


376
377
378
379
380
381
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 376

def revoke_previous_refresh_token!
  return if !self.class.refresh_token_revoked_on_use? || previous_refresh_token.blank?

  old_refresh_token&.revoke
  update_attribute(:previous_refresh_token, "")
end

#same_credential?(access_token) ⇒ Boolean

Indicates whether the token instance have the same credential as the other Access Token.

Parameters:

Returns:

  • (Boolean)

    true if credentials are same of false in other cases


318
319
320
321
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 318

def same_credential?(access_token)
  application_id == access_token.application_id &&
    same_resource_owner?(access_token)
end

#same_resource_owner?(access_token) ⇒ Boolean

Indicates whether the token instance have the same credential as the other Access Token.

Parameters:

Returns:

  • (Boolean)

    true if credentials are same of false in other cases


330
331
332
333
334
335
336
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 330

def same_resource_owner?(access_token)
  if Doorkeeper.configuration.polymorphic_resource_owner?
    resource_owner == access_token.resource_owner
  else
    resource_owner_id == access_token.resource_owner_id
  end
end

#token_typeObject

Access Token type: Bearer.


285
286
287
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 285

def token_type
  "Bearer"
end

#use_refresh_token?Boolean

Returns:

  • (Boolean)

289
290
291
292
# File 'lib/doorkeeper/models/access_token_mixin.rb', line 289

def use_refresh_token?
  @use_refresh_token ||= false
  !!@use_refresh_token
end