module Setsuzoku::Service::WebService::AuthStrategies::StrategyCanUseTokens
The API OAuth Authentication Interface definition. Any Plugin
that implements this must implement all methods required for OAuth.
Defines all necessary methods for handling authentication for any authentication strategy.
Public Instance Methods
If the auth credentials are valid for this instance and auth_strategy.
If the token is invalid we should refresh it. And verify that the credentials are now valid. Otherwise the credentials are already valid.
@return [Boolean] true if the auth token is valid for the auth_strategy.
# File lib/setsuzoku/service/web_service/auth_strategies/strategy_can_use_tokens.rb, line 44 def auth_credential_valid? validate_token_credential! end
Construct the custom token_request_body and request a token.
@return [void]
# File lib/setsuzoku/service/web_service/auth_strategies/strategy_can_use_tokens.rb, line 23 def new_token!; end
Construct the custom token_request_body and request a token.
@return [void]
# File lib/setsuzoku/service/web_service/auth_strategies/strategy_can_use_tokens.rb, line 32 def refresh_expired_token!; end
Private Instance Methods
Exchange code for a new token via POST request to API token url, and set token, expiry, and status on the integration
@param [Hash] body the request body for the token POST request
@return void
# File lib/setsuzoku/service/web_service/auth_strategies/strategy_can_use_tokens.rb, line 138 def get_token!(body, action) success = false without_headers = self.credential.auth_actions[action].has_key?(:without_headers) ? self.credential.auth_actions[action][:without_headers] : true request = self.api_strategy.request_class.new(action: action, body: body, without_headers: without_headers) resp = self.api_strategy.call_external_api(request: request, strategy: :auth) return false unless resp.success self.credential.set_token!(resp) end
# File lib/setsuzoku/service/web_service/auth_strategies/strategy_can_use_tokens.rb, line 124 def refresh_before_expiration_time 45.minutes.from_now.to_datetime end
Determine whether the token is no longer valid.
@return [Boolean] true if the token is invalid.
# File lib/setsuzoku/service/web_service/auth_strategies/strategy_can_use_tokens.rb, line 114 def token_is_invalid? inactive = self.credential.status != 'active' expired = self.credential.expires_on.present? && self.credential.refresh_token.present? && (self.credential.expires_on < refresh_before_expiration_time) inactive || expired end
If the plugin's auth_strategy should use a token.
@return [Boolean] if the auth_strategy uses a token or not.
# File lib/setsuzoku/service/web_service/auth_strategies/strategy_can_use_tokens.rb, line 82 def uses_token? uses_token_by_default? || !!self.credential&.uses_token? end
If the plugin's auth_strategy should use a token by default. Defaulted to false, OAuth will default to true.
@return [Boolean] if the auth_strategy uses a token or not.
# File lib/setsuzoku/service/web_service/auth_strategies/strategy_can_use_tokens.rb, line 94 def uses_token_by_default? false end
If the auth credentials are valid for this instance and auth_strategy.
If the token is invalid we should refresh it. And verify that the credentials are now valid. Otherwise the credentials are already valid.
@return [Boolean] true if the auth token is valid for the auth_strategy.
# File lib/setsuzoku/service/web_service/auth_strategies/strategy_can_use_tokens.rb, line 60 def validate_token_credential! if self.credential.status == 'disabled' false elsif uses_token? if token_is_invalid? self.refresh_expired_token! !token_is_invalid? else true end else true end end