Class: Doorkeeper::SecretStoring::BCrypt

Inherits:
Base
  • Object
show all
Defined in:
lib/doorkeeper/secret_storing/bcrypt.rb

Overview

Plain text secret storing, which is the default but also provides fallback lookup if other secret storing mechanisms are enabled.

Class Method Summary collapse

Methods inherited from Base

restore_secret, store_secret

Class Method Details

.allows_restoring_secrets?Boolean

Determines whether this strategy supports restoring secrets from the database. This allows detecting users trying to use a non-restorable strategy with reuse_access_tokens.

Returns:

  • (Boolean)

30
31
32
# File 'lib/doorkeeper/secret_storing/bcrypt.rb', line 30

def self.allows_restoring_secrets?
  false
end

.bcrypt_present?Boolean

Test if we can require the BCrypt gem

Returns:

  • (Boolean)

52
53
54
55
56
57
# File 'lib/doorkeeper/secret_storing/bcrypt.rb', line 52

def self.bcrypt_present?
  require "bcrypt"
  true
rescue LoadError
  false
end

.secret_matches?(input, stored) ⇒ Boolean

Securely compare the given input value with a stored value processed by transform_secret.

Returns:

  • (Boolean)

20
21
22
23
24
# File 'lib/doorkeeper/secret_storing/bcrypt.rb', line 20

def self.secret_matches?(input, stored)
  ::BCrypt::Password.new(stored.to_s) == input.to_s
rescue ::BCrypt::Errors::InvalidHash
  false
end

.transform_secret(plain_secret) ⇒ Object

Return the value to be stored by the database

Parameters:

  • plain_secret

    The plain secret input / generated


13
14
15
# File 'lib/doorkeeper/secret_storing/bcrypt.rb', line 13

def self.transform_secret(plain_secret)
  ::BCrypt::Password.create(plain_secret.to_s)
end

.validate_for(model) ⇒ Object

Determines what secrets this strategy is applicable for


36
37
38
39
40
41
42
43
44
45
46
47
48
# File 'lib/doorkeeper/secret_storing/bcrypt.rb', line 36

def self.validate_for(model)
  unless model.to_sym == :application
    raise ArgumentError,
          "'#{name}' can only be used for storing application secrets."
  end

  unless bcrypt_present?
    raise ArgumentError,
          "'#{name}' requires the 'bcrypt' gem being loaded."
  end

  true
end