module DoorkeeperMongodb::Mixins::Mongoid::ApplicationMixin

Public Instance Methods

as_json(options = {}) click to toggle source

Represents client as set of it's attributes in JSON format. This is the right way how we want to override ActiveRecord to_json.

Respects privacy settings and serializes minimum set of attributes for public/private clients and full set for authorized owners.

@return [Hash] entity attributes for JSON

Calls superclass method
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 63
def as_json(options = {})
  # if application belongs to some owner we need to check if it's the same as
  # the one passed in the options or check if we render the client as an owner
  if (respond_to?(:owner) && owner && owner == options[:current_resource_owner]) ||
     options[:as_owner]
    # Owners can see all the client attributes, fallback to ActiveModel serialization
    super
  else
    # if application has no owner or it's owner doesn't match one from the options
    # we render only minimum set of attributes that could be exposed to a public
    only = extract_serializable_attributes(options)
    super(options.merge(only: only))
  end
end
authorized_for_resource_owner?(resource_owner) click to toggle source
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 234
def authorized_for_resource_owner?(resource_owner)
  Doorkeeper.configuration.authorize_resource_owner_for_client.call(self, resource_owner)
end
extract_serializable_attributes(options = {}) click to toggle source

Helper method to extract collection of serializable attribute names considering serialization options (like `only`, `except` and so on).

@param options [Hash] serialization options

@return [Array<String>]

collection of attributes to be serialized using #as_json
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 96
def extract_serializable_attributes(options = {})
  opts = options.try(:dup) || {}
  only = Array.wrap(opts[:only]).map(&:to_s)

  only = if only.blank?
           serializable_attributes
         else
           only & serializable_attributes
         end

  only -= Array.wrap(opts[:except]).map(&:to_s) if opts.key?(:except)
  only.uniq
end
plaintext_secret() click to toggle source
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 216
def plaintext_secret
  if secret_strategy.allows_restoring_secrets?
    secret_strategy.restore_secret(self, :secret)
  else
    @raw_secret
  end
end
read_attribute_for_serialization(key) click to toggle source

We need to hook into this method to allow serializing plan-text secrets when secrets hashing enabled.

@param key [String] attribute name

Calls superclass method
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 115
def read_attribute_for_serialization(key)
  return super unless key.to_s == "secret"

  plaintext_secret || secret
end
redirect_uri=(uris) click to toggle source

Set an application's valid redirect URIs.

@param uris [String, Array] Newline-separated string or array the URI(s)

@return [String] The redirect URI(s) seperated by newlines.

Calls superclass method
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 207
def redirect_uri=(uris)
  super(uris.is_a?(Array) ? uris.join("\n") : uris)
end
renew_secret() click to toggle source
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 211
def renew_secret
  @raw_secret = Doorkeeper::OAuth::Helpers::UniqueToken.generate
  secret_strategy.store_secret(self, :secret, @raw_secret)
end
secret_matches?(input) click to toggle source
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 185
def secret_matches?(input)
  # return false if either is nil, since secure_compare depends on strings
  # but Application secrets MAY be nil depending on confidentiality.
  return false if input.nil? || secret.nil?

  # When matching the secret by comparer function, all is well.
  return true if secret_strategy.secret_matches?(input, secret)

  # When fallback lookup is enabled, ensure applications
  # with plain secrets can still be found
  if fallback_secret_strategy
    fallback_secret_strategy.secret_matches?(input, secret)
  else
    false
  end
end
serializable_attributes() click to toggle source

Collection of attributes that could be serialized for public. Override this method if you need additional attributes to be serialized.

@return [Array<String>] collection of serializable attributes

# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 125
def serializable_attributes
  attributes = %w[id name created_at]
  attributes << "uid" unless confidential?
  attributes
end
serializable_hash(options = nil) click to toggle source
Calls superclass method
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 78
def serializable_hash(options = nil)
  hash = super
  if hash.key?("_id")
    hash["id"] = hash.delete("_id")
  elsif options && Array.wrap(options[:only].map(&:to_sym)).include?(:id)
    hash["id"] = id.to_s
  end
  hash
end

Private Instance Methods

enforce_scopes?() click to toggle source
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 258
def enforce_scopes?
  Doorkeeper.configuration.enforce_configured_scopes?
end
generate_secret() click to toggle source
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 244
def generate_secret
  return unless secret.blank?

  @raw_secret = UniqueToken.generate
  secret_strategy.store_secret(self, :secret, @raw_secret)
end
generate_uid() click to toggle source
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 240
def generate_uid
  self.uid = UniqueToken.generate if uid.blank?
end
scopes_match_configured() click to toggle source
# File lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb, line 251
def scopes_match_configured
  if scopes.present? &&
     !ScopeChecker.valid?(scope_str: scopes.to_s, server_scopes: Doorkeeper.configuration.scopes)
    errors.add(:scopes, :not_match_configured)
  end
end