module DoorkeeperMongodb::Mixins::Mongoid::AccessTokenMixin
Public Instance Methods
Indicates if token is acceptable for specific scopes.
@param scopes [Array<String>] scopes
@return [Boolean] true if record is accessible and includes scopes or
false in other cases
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 339 def acceptable?(scopes) accessible? && includes_scope?(*scopes) end
JSON representation of the Access Token instance.
@return [Hash] hash with token data
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 295 def as_json(_options = {}) { resource_owner_id: resource_owner_id, scope: scopes, expires_in: expires_in_seconds, application: { uid: application.try(:uid) }, created_at: created_at.to_i, } end
We keep a volatile copy of the raw refresh token for initial communication The stored refresh_token may be mapped and not available in cleartext.
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 345 def plaintext_refresh_token if secret_strategy.allows_restoring_secrets? secret_strategy.restore_secret(self, :refresh_token) else @raw_refresh_token end end
We keep a volatile copy of the raw token for initial communication The stored refresh_token may be mapped and not available in cleartext.
Some strategies allow restoring stored secrets (e.g. symmetric encryption) while hashing strategies do not, so you cannot rely on this value returning a present value for persisted tokens.
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 359 def plaintext_token if secret_strategy.allows_restoring_secrets? secret_strategy.restore_secret(self, :token) else @raw_token end end
Revokes token with `:refresh_token` equal to `:previous_refresh_token` and clears `:previous_refresh_token` attribute.
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 370 def revoke_previous_refresh_token! return unless self.class.refresh_token_revoked_on_use? old_refresh_token&.revoke update(previous_refresh_token: "") end
Indicates whether the token instance have the same credential as the other Access Token.
@param access_token [Doorkeeper::AccessToken] other token
@return [Boolean] true if credentials are same of false in other cases
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 312 def same_credential?(access_token) application_id == access_token.application_id && same_resource_owner?(access_token) end
Indicates whether the token instance have the same credential as the other Access Token.
@param access_token [Doorkeeper::AccessToken] other token
@return [Boolean] true if credentials are same of false in other cases
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 324 def same_resource_owner?(access_token) if Doorkeeper.configuration.try(:polymorphic_resource_owner?) resource_owner == access_token.resource_owner else resource_owner_id == access_token.resource_owner_id end end
Access Token type: Bearer. @see tools.ietf.org/html/rfc6750
The OAuth 2.0 Authorization Framework: Bearer Token Usage
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 283 def token_type "Bearer" end
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 287 def use_refresh_token? @use_refresh_token ||= false !!@use_refresh_token end
Private Instance Methods
Generates refresh token with UniqueToken generator.
@return [String] refresh token value
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 387 def generate_refresh_token @raw_refresh_token = UniqueToken.generate secret_strategy.store_secret(self, :refresh_token, @raw_refresh_token) end
Generates and sets the token value with the configured Generator class (see Doorkeeper.configuration).
@return [String] generated token value
@raise [Doorkeeper::Errors::UnableToGenerateToken]
custom class doesn't implement .generate method
@raise [Doorkeeper::Errors::TokenGeneratorNotFound]
custom class doesn't exist
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 402 def generate_token self.created_at ||= Time.now.utc @raw_token = token_generator.generate( resource_owner_id: resource_owner_id, scopes: scopes, application: application, expires_in: expires_in, created_at: created_at, ) secret_strategy.store_secret(self, :token, @raw_token) @raw_token end
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 379 def old_refresh_token @old_refresh_token ||= self.class.by_previous_refresh_token(previous_refresh_token) end
# File lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb, line 416 def token_generator generator_name = Doorkeeper.configuration.access_token_generator generator = generator_name.constantize return generator if generator.respond_to?(:generate) raise Doorkeeper::Errors::UnableToGenerateToken, "#{generator} does not respond to `.generate`." rescue NameError raise Doorkeeper::Errors::TokenGeneratorNotFound, "#{generator_name} not found" end