module DoorkeeperMongodb::Mixins::Mongoid::AccessTokenMixin::ClassMethods

Public Instance Methods

authorized_tokens_for(application_id, resource_owner)

Looks for non-revoked Access Token records that belong to a specific Application and Resource Owner.

@param application_id [Integer]

ID of the Application model instance

@param resource_owner [Mongoid::Document]

ID of the Resource Owner model instance

@return [Doorkeeper::AccessToken] array of matching AccessToken objects

# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 249
# Builds the query for non-revoked tokens of one application / resource owner pair.
#
# Only `revoked_at: nil` is filtered here. Expiry is not part of this query,
# so a caller that needs a usable token has to check that separately.
#
# @param application_id [Object] value matched against `application_id`
# @param resource_owner [Object] handed to `by_resource_owner` unchanged
# @return [Object] whatever the final `where` call returns
def authorized_tokens_for(application_id, resource_owner)
  # order_method and created_at_desc are defined outside this listing.
  ordered = send(order_method, created_at_desc)
  for_owner = ordered.by_resource_owner(resource_owner)
  for_owner.where(application_id: application_id, revoked_at: nil)
end
by_previous_refresh_token(previous_refresh_token)
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 98
# Fetches the first record whose stored `refresh_token` equals the given value.
#
# The value goes into the query as-is: there is no `to_s` coercion and no
# `find_by_plaintext_token` lookup. Callers should pass a plain String, since
# nil or a Hash would change what the query matches.
# NOTE(review): presumably the argument is a token's `previous_refresh_token`
# attribute, not request input. Confirm against callers.
#
# @param previous_refresh_token [String] value compared with `refresh_token`
# @return [Object, nil] result of `first` on the query
def by_previous_refresh_token(previous_refresh_token)
  candidates = where(refresh_token: previous_refresh_token)
  candidates.first
end
by_refresh_token(refresh_token)

Returns the Doorkeeper::AccessToken instance with the specified token value.

@param refresh_token [#to_s]

refresh token value (any object that responds to `#to_s`)

@return [Doorkeeper::AccessToken, nil] AccessToken object or nil

if there is no record with such refresh token
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 80
# Looks up a token by its plaintext refresh token value.
#
# Delegates to `find_by_plaintext_token` (defined outside this listing),
# naming `:refresh_token` as the attribute to search.
#
# @param refresh_token [#to_s] plaintext refresh token value
# @return [Doorkeeper::AccessToken, nil] result of `find_by_plaintext_token`
def by_refresh_token(refresh_token)
  attribute = :refresh_token
  find_by_plaintext_token(attribute, refresh_token)
end
by_token(token)

Returns the Doorkeeper::AccessToken instance with the specified token value.

@param token [#to_s]

token value (any object that responds to `#to_s`)

@return [Doorkeeper::AccessToken, nil] AccessToken object or nil

if there is no record with such token
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 67
# Looks up a token by its plaintext access token value.
#
# Delegates to `find_by_plaintext_token` (defined outside this listing),
# naming `:token` as the attribute to search.
#
# @param token [#to_s] plaintext token value
# @return [Doorkeeper::AccessToken, nil] result of `find_by_plaintext_token`
def by_token(token)
  attribute = :token
  find_by_plaintext_token(attribute, token)
end
create_for(application:, resource_owner:, scopes:, **token_attributes)

Creates a non-expired AccessToken record with a matching set of scopes that belongs to a specific Application and Resource Owner.

@param application [Doorkeeper::Application]

Application instance

@param resource_owner [Mongoid::Document, Integer]

Resource Owner model instance or its ID

@param scopes [#to_s]

set of scopes (any object that responds to `#to_s`)

@param token_attributes [Hash]

Additional attributes to use when creating a token

@option token_attributes [Integer] :expires_in

token lifetime in seconds

@option token_attributes [Boolean] :use_refresh_token

whether to use the refresh token

@return [Doorkeeper::AccessToken] new access token

# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 226
# Creates a token for the given application, resource owner and scopes.
#
# Every key in `token_attributes` is forwarded to `create!` without
# filtering, so callers should pass only attributes they set themselves and
# never a raw request parameter hash.
#
# @param application [Doorkeeper::Application, nil] its `id` becomes `application_id`
# @param resource_owner [Object] stored directly when the configuration reports
#   `polymorphic_resource_owner?`, otherwise reduced via `resource_owner_id_for`
# @param scopes [#to_s] stored as `scopes.to_s`
# @param token_attributes [Hash] additional attributes for the new record
# @return [Doorkeeper::AccessToken] result of `create!`
def create_for(application:, resource_owner:, scopes:, **token_attributes)
  base = token_attributes.merge(application_id: application&.id, scopes: scopes.to_s)

  polymorphic = Doorkeeper.configuration.try(:polymorphic_resource_owner?)
  owner =
    if polymorphic
      { resource_owner: resource_owner }
    else
      { resource_owner_id: resource_owner_id_for(resource_owner) }
    end

  create!(base.merge(owner))
end
fallback_secret_strategy()
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 274
# Returns the `token_secret_fallback_strategy` value from the Doorkeeper
# configuration.
#
# @return [Object] the configured fallback strategy
def fallback_secret_strategy
  config = ::Doorkeeper.configuration
  config.token_secret_fallback_strategy
end
find_access_token_in_batches(relation, *_args, &block)
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 120
# Yields every record of the relation to the given block.
#
# Despite the name, no batch size is applied here: extra positional
# arguments are accepted and ignored, and iteration is `relation.all.each`.
#
# @param relation [#all] object whose `all` result responds to `each`
# @param _args [Array] ignored
# @yield [token] each record in turn
# @return [Object] whatever `each` returns
def find_access_token_in_batches(relation, *_args, &block)
  records = relation.all
  records.each(&block)
end
find_matching_token(relation, application, scopes)
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 124
# Returns the first token in the relation whose scopes satisfy `scopes_match?`.
#
# NOTE(review): `detect` is kept rather than `find`, presumably because `find`
# on a Mongoid criteria is a lookup by id. Confirm before changing it.
#
# @param relation [#detect] tokens to scan, in the relation's own order
# @param application [Object, nil] its `scopes` (via `try`) are passed as app scopes
# @param scopes [Object] requested scopes
# @return [Object, nil] first matching token, or nil when none matches
def find_matching_token(relation, application, scopes)
  relation.detect { |candidate| scopes_match?(candidate.scopes, scopes, application.try(:scopes)) }
end
find_or_create_for(*args)

Looks for a non-expired AccessToken record with a matching set of scopes that belongs to a specific Application and Resource Owner. If it doesn't exist, creates it.

@param application [Doorkeeper::Application]

Application instance

@param resource_owner [Mongoid::Document, Integer]

Resource Owner model instance or its ID

@param scopes [#to_s]

set of scopes (any object that responds to `#to_s`)

@param expires_in [Integer]

token lifetime in seconds

@param use_refresh_token [Boolean]

whether to use the refresh token

@return [Doorkeeper::AccessToken] existing record or a new one

# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 173
# Returns a reusable token for the application / owner / scopes, or creates one.
#
# Accepts either a single attributes Hash or the legacy positional form
# (application, resource_owner, scopes, expires_in, use_refresh_token).
# An existing token is handed back only when `reuse_access_token` is enabled
# in the Doorkeeper configuration and the candidate reports `reusable?`.
# In every other case a new token is created through `create_for`.
#
# @param args [Array] one attributes Hash, or the positional values above
# @return [Doorkeeper::AccessToken] existing record or a new one
def find_or_create_for(*args)
  keys = %i[application resource_owner scopes expires_in use_refresh_token]

  # [NOTE]: For backward compatibility with Doorkeeper < 5.4
  attributes = args.size > 1 ? keys.zip(args).to_h : args.first

  application, resource_owner, scopes, expires_in, use_refresh_token =
    keys.map { |key| attributes[key] }

  if Doorkeeper.configuration.reuse_access_token
    existing = matching_token_for(application, resource_owner, scopes)

    # matching_token_for filters on revocation and scopes only. The
    # reusable? check on the candidate decides whether it may be returned.
    return existing if existing&.reusable?
  end

  create_for(
    application: application,
    resource_owner: resource_owner,
    scopes: scopes,
    expires_in: expires_in,
    use_refresh_token: use_refresh_token,
  )
end
last_authorized_token_for(application_id, resource_owner)

Convenience method for backwards compatibility; returns the last matching token for the given Application and Resource Owner.

@param application_id [Integer]

ID of the Application model instance

@param resource_owner [Mongoid::Document, Integer]

ID of the Resource Owner model instance

@return [Doorkeeper::AccessToken, nil] matching AccessToken object or

nil if nothing was found
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 266
# Returns the first record of `authorized_tokens_for` for the given pair.
#
# Which token counts as "first" depends on the ordering applied inside
# `authorized_tokens_for`.
#
# @param application_id [Object] forwarded to `authorized_tokens_for`
# @param resource_owner [Object] forwarded to `authorized_tokens_for`
# @return [Doorkeeper::AccessToken, nil] result of `first` on that query
def last_authorized_token_for(application_id, resource_owner)
  tokens = authorized_tokens_for(application_id, resource_owner)
  tokens.first
end
matching_token_for(application, resource_owner, scopes)

Looks for a non-revoked Access Token with a matching set of scopes that belongs to a specific Application and Resource Owner.

@param application [Doorkeeper::Application]

Application instance

@param resource_owner [Mongoid::Document, Integer]

Resource Owner model instance or its ID

@param scopes [String, Doorkeeper::OAuth::Scopes]

set of scopes

@return [Doorkeeper::AccessToken, nil] Access Token instance or

nil if matching record was not found
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 115
# Finds a non-revoked token for the application / owner whose scopes match.
#
# Candidates come from `authorized_tokens_for`, and the scope comparison is
# done by `find_matching_token`. A nil application is tolerated: its id is
# read with safe navigation and nil is passed on.
#
# @param application [Doorkeeper::Application, nil] application instance
# @param resource_owner [Object] forwarded to `authorized_tokens_for`
# @param scopes [String, Doorkeeper::OAuth::Scopes] requested scopes
# @return [Doorkeeper::AccessToken, nil] result of `find_matching_token`
def matching_token_for(application, resource_owner, scopes)
  candidates = authorized_tokens_for(application&.id, resource_owner)
  find_matching_token(candidates, application, scopes)
end
revoke_all_for(application_id, resource_owner, clock = Time)

Revokes AccessToken records that have not been revoked and are associated with the specific Application and Resource Owner.

@param application_id [Integer]

ID of the Application

@param resource_owner [Mongoid::Document]

instance of the Resource Owner model
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 92
# Marks every non-revoked token of the application / owner pair as revoked.
#
# The revocation timestamp is `clock.now.utc`, written with one `update_all`
# call over the records that still have `revoked_at: nil`.
#
# @param application_id [Object] value matched against `application_id`
# @param resource_owner [Object] handed to `by_resource_owner` unchanged
# @param clock [#now] time source; defaults to Time
# @return [Object] whatever `update_all` returns
def revoke_all_for(application_id, resource_owner, clock = Time)
  still_active = by_resource_owner(resource_owner)
                 .where(application_id: application_id, revoked_at: nil)
  still_active.update_all(revoked_at: clock.now.utc)
end
scopes_match?(token_scopes, param_scopes, app_scopes)

Checks whether the token scopes match the scopes from the parameters or Application scopes (if present).

@param token_scopes [#to_s]

set of scopes (any object that responds to `#to_s`)

@param param_scopes [Doorkeeper::OAuth::Scopes]

scopes from params

@param app_scopes [Doorkeeper::OAuth::Scopes]

Application scopes

@return [Boolean] true if the param scopes match the token scopes,

and all the param scopes are defined in the application (or in the
server configuration if the application doesn't define any scopes),
and false in other cases
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 145
# Decides whether an existing token's scopes satisfy a scope request.
#
# The comparison is exact set equality after sorting: a token with more or
# fewer scopes than requested does not match. On top of that, the requested
# scopes must pass ScopeChecker against the server and application scopes.
#
# @param token_scopes [#empty?, #sort] scopes stored on the token
# @param param_scopes [#empty?, #sort, #to_s] scopes from the request
# @param app_scopes [Object, nil] application scopes passed to ScopeChecker
# @return [Boolean] true when both sides are empty, or when they are equal
#   and ScopeChecker accepts the requested scopes
def scopes_match?(token_scopes, param_scopes, app_scopes)
  # Two empty scope sets match without consulting ScopeChecker.
  return true if token_scopes.empty? && param_scopes.empty?
  return false unless token_scopes.sort == param_scopes.sort

  Doorkeeper::OAuth::Helpers::ScopeChecker.valid?(
    scope_str: param_scopes.to_s,
    server_scopes: Doorkeeper.configuration.scopes,
    app_scopes: app_scopes,
  )
end
secret_strategy()
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 270
# Returns the `token_secret_strategy` value from the Doorkeeper configuration.
#
# @return [Object] the configured token secret strategy
def secret_strategy
  config = ::Doorkeeper.configuration
  config.token_secret_strategy
end