module Unimatrix::Authorization
Public Class Methods
included( controller )
# File lib/unimatrix/authorization/filters/requires_policies.rb, line 68
# Inclusion hook: extends the including object ( the `controller` argument )
# with ClassMethods, so that module's methods become callable on it directly.
def self.included( controller )
  controller.extend ClassMethods
end
Public Instance Methods
policies()
# File lib/unimatrix/authorization/filters/requires_policies.rb, line 76
# Returns the memoized policies, loading them through retrieve_policies on
# first use. A nil or false result is not memoized, so the lookup is repeated
# on the next call.
#
# Used by Archivist requires_permission filter. TODO: deprecate
#
# NOTE(review): the access token is read from params[ :access_token ]. If it
# can arrive in the query string it may be recorded in request logs; confirm
# that parameter filtering covers :access_token.
def policies
  return @policies if @policies

  @policies = retrieve_policies(
    @resource_name,
    params[ :access_token ],
    realm_uuid,
    @resource_server
  )
end
policies=( attributes )
# File lib/unimatrix/authorization/filters/requires_policies.rb, line 72
# Stores the given value in @policies, replacing whatever was memoized.
# The value is stored as-is; nothing here validates it.
def policies=( attributes )
  @policies = attributes
end
request_client_token( client_id, client_secret )
# File lib/unimatrix/authorization/filters/requires_policies.rb, line 114
# Requests a token for the given client credentials through
# ClientCredentialsGrant#request_token, asking for the expiry to be included
# ( with_expiry: true ).
#
# Returns whatever request_token returns, or nil when either credential is
# missing ( no request is made in that case ).
def request_client_token( client_id, client_secret )
  return nil unless client_id && client_secret

  grant = ClientCredentialsGrant.new(
    client_id: client_id,
    client_secret: client_secret
  )
  grant.request_token( with_expiry: true )
end
request_policies( resource_name, access_token, realm_uuid, resource_server )
# File lib/unimatrix/authorization/filters/requires_policies.rb, line 102
# Reads '/policies' for the given access token, filtered to the resource
# pattern "realm/<realm>::<resource_server>::<resource_name>/*".
#
# Returns the result of Operation#read, or nil when resource_name or
# access_token is missing ( no request is made in that case ).
#
# NOTE(review): a nil realm_uuid is replaced by '*'. Presumably that matches
# policies in any realm; confirm that callers which omit the realm intend the
# broader scope.
# NOTE(review): realm_uuid, resource_server and resource_name are interpolated
# unchanged. If any of them can be influenced by the request, confirm they
# cannot carry '::', '/' or '*'.
def request_policies( resource_name, access_token, realm_uuid, resource_server )
  return nil unless resource_name && access_token

  realm = realm_uuid || '*'
  resource = "realm/#{ realm }::#{ resource_server }::#{ resource_name }/*"

  Operation.new( '/policies' )
           .where( access_token: access_token, resource: resource )
           .read
end
request_resource_owner( access_token )
# File lib/unimatrix/authorization/filters/requires_resource_owner.rb, line 61
# Reads '/resource_owner' for the given access token and returns the result
# of Operation#read.
#
# Unlike request_policies, there is no nil check here: the request is issued
# even when access_token is nil. retrieve_resource_owner performs that check
# before calling this method.
def request_resource_owner( access_token )
  lookup = Operation.new( '/resource_owner' )
  lookup.where( access_token: access_token ).read
end
resource_owner()
# File lib/unimatrix/authorization/filters/requires_resource_owner.rb, line 48
# Returns the memoized resource owner, loading it through
# retrieve_resource_owner with params[ :access_token ] on first use. A nil or
# false result is not memoized, so the lookup is repeated on the next call.
#
# NOTE(review): this is a public, zero-argument instance method on a module
# that is mixed into controllers. Confirm that it cannot be reached as a
# routable action, or make the helpers private.
def resource_owner
  return @resource_owner if @resource_owner

  @resource_owner = retrieve_resource_owner( params[ :access_token ] )
end
resource_owner=( attributes )
# File lib/unimatrix/authorization/filters/requires_resource_owner.rb, line 44
# Stores the given value in @resource_owner, replacing whatever was memoized.
# The value is stored as-is; nothing here validates it.
def resource_owner=( attributes )
  @resource_owner = attributes
end
retrieve_client_token( client_id, client_secret )
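# File lib/unimatrix/authorization/railtie.rb, line 39
# Returns an access token for the given client credentials, going through
# Rails.cache so that request_client_token is not called on every use.
#
# client_id, client_secret - the client credentials. When either is missing,
#                            no request is made and nil is returned.
#
# Returns token_hash[ :access_token ] from request_client_token ( or the
# cached copy of it ), or nil when no token hash was obtained.
#
# NOTE(review): Rails.cache.fetch stores a nil block result like any other
# value, so a failed token request is not retried until the entry expires.
# Confirm that this is intended.
def retrieve_client_token( client_id, client_secret )
  return nil unless client_id && client_secret

  # The key must identify the credential pair unambiguously. Joining the two
  # values without a separator maps different pairs to the same string
  # ( [ 'ab', 'c' ].join == [ 'a', 'bc' ].join ), which would hand one pair
  # the token cached for the other. Length-prefixing the id rules that out.
  # SHA-256 is used because the digest input contains the client secret.
  # NOTE(review): this changes the cache key format. Confirm that nothing else
  # computes the "keymaker-client_token-" key independently.
  id = client_id.to_s
  digest = Digest::SHA256.hexdigest( "#{ id.bytesize }:#{ id }:#{ client_secret }" )
  cache_key = "keymaker-client_token-#{ digest }"

  short_expiry = nil
  token = Rails.cache.fetch( cache_key, expires_in: 1.minute ) do
    token_hash = request_client_token( client_id, client_secret )
    reported = token_hash ? token_hash[ :expires_in ] : nil
    short_expiry = reported if reported && reported < 60
    # Explicit nil check instead of a blanket `rescue nil`, so that
    # unrelated errors are no longer swallowed.
    token_hash ? token_hash[ :access_token ] : nil
  end

  # Only set when the block above ran and the token expires in under 60
  # seconds: rewrite the entry so the cached copy does not outlive the token.
  Rails.cache.write( cache_key, token, expires_in: short_expiry ) if short_expiry

  token
end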
retrieve_policies( resource_name, access_token, realm_uuid, resource_server )
In a Rails app, this method is overridden by the retrieve_policies
defined in railtie.rb.
# File lib/unimatrix/authorization/filters/requires_policies.rb, line 89
# Default policy lookup: forwards all four arguments to request_policies.
#
# Returns the result of request_policies, or nil when resource_name or
# access_token is missing ( request_policies is not called in that case ).
def retrieve_policies( resource_name, access_token, realm_uuid, resource_server )
  return nil unless resource_name && access_token

  request_policies( resource_name, access_token, realm_uuid, resource_server )
end
retrieve_resource_owner( access_token )
In a Rails app, this method is overridden by the retrieve_resource_owner
defined in railtie.rb.
# File lib/unimatrix/authorization/filters/requires_resource_owner.rb, line 55
# Default resource-owner lookup: forwards the access token to
# request_resource_owner.
#
# Returns the result of request_resource_owner, or nil when access_token is
# missing ( request_resource_owner is not called in that case ).
def retrieve_resource_owner( access_token )
  return nil unless access_token

  request_resource_owner( access_token )
end