class Riddl::Utils::OAuth2::UnivieApp::RefreshToken
Public Instance Methods
response()
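# File lib/ruby/riddl/utils/oauth2-univie.rb, line 126
#
# Exchanges a refresh token for a fresh access token.
#
# Inputs are read from instance state:
#   @p[1].value - the refresh token presented by the client
#   @a[0]       - access token store  (access token  -> user)
#   @a[1]       - refresh token store (refresh token -> access token)
#   @a[2], @a[3] - client id and client secret
#   @a[4], @a[5] - adur / rdur, the durations passed to the token helper
#                  and to the access token store respectively
#
# Returns a Riddl::Parameter::Complex carrying JSON: { token: ... } on
# success, { error: ... } otherwise. Sets @status to 401 when the token was
# issued for another client and to 403 when the token is malformed, unknown
# to the store, or expired.
#
# Token values are never written to stdout: refresh and access tokens are
# bearer credentials and must not end up in process logs.
def response
  refresh_token  = @p[1].value
  access_tokens  = @a[0]
  refresh_tokens = @a[1]
  client_id      = @a[2]
  client_secret  = @a[3]
  adur           = @a[4]
  rdur           = @a[5]

  # Only the segment before the first '.' is decoded. The remainder
  # (presumably the signature -- confirm against the issuing code) is not
  # verified here, so these claims are untrusted input; the lookup in
  # refresh_tokens below is the check that actually authorizes the refresh.
  token_data = begin
    payload = refresh_token.to_s.split('.').first.to_s
    JSON::parse(Base64::urlsafe_decode64(payload))
  rescue ArgumentError, JSON::ParserError
    # Not base64url or not JSON: reject instead of failing the request
    # with an unhandled exception.
    nil
  end

  unless token_data.is_a?(Hash)
    @status = 403
    return Riddl::Parameter::Complex.new('data', 'application/json', { :error => 'Invalid refresh token.' }.to_json)
  end

  if token_data['iss'] != client_id
    @status = 401
    return Riddl::Parameter::Complex.new('data', 'application/json', { :error => 'Token must be refreshed by issuer.' }.to_json)
  elsif !refresh_tokens.key?(refresh_token) || !token_data['exp'].is_a?(Numeric) || token_data['exp'] <= Time.now.to_i
    # Fail closed: a missing or non-numeric 'exp' is treated as expired.
    @status = 403
    return Riddl::Parameter::Complex.new('data', 'application/json', { :error => 'Invalid refresh token.' }.to_json)
  end

  old_token = refresh_tokens.get(refresh_token)
  # Revoke the previous access token and carry its user over to the new one.
  # NOTE(review): if the old access token is no longer in the store, user is
  # presumably nil here -- confirm how consumers treat such an entry.
  user = access_tokens.delete old_token

  token = Riddl::Utils::OAuth2::Helper::generate_access_token(client_id, client_id + ':' + client_secret, adur)
  access_tokens.set(token, user, rdur) # not adur, to identify expired access tokens
  # NOTE(review): the refresh token is kept and only re-pointed at the new
  # access token, so it stays usable until its 'exp'. Rotating it on use
  # would narrow the window in which a leaked refresh token can be replayed.
  refresh_tokens.set(refresh_token, token)

  Riddl::Parameter::Complex.new('data', 'application/json', { :token => token }.to_json)
end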