class AuthingRuby::ManagementTokenProvider

Public Class Methods

new(options = {}, graphqlClient = nil) click to toggle source
# File lib/authing_ruby/management/ManagementTokenProvider.rb, line 12
def initialize(options = {}, graphqlClient = nil)
  @options = options;
  @graphqlClient = graphqlClient;

  @_accessToken = nil
  @_accessTokenExpriredAt = nil # 过期时间
  
  # 如果 options 里传入了 accessToken
  accessToken = options.fetch(:accessToken, nil)
  if accessToken
    @_accessToken = accessToken;
    decoded_token_array = JWT.decode @_accessToken, nil, false # 试着解析一下
    payload = decoded_token_array[0]
    exp = payload.dig('exp'); # exp 是过期时间(秒)
    @_accessTokenExpriredAt = exp; # 把过期时间存起来
  end
end

Public Instance Methods

_getAccessTokenFromServer() click to toggle source

用途:发请求,从服务器获取新的 AccessToken

# File lib/authing_ruby/management/ManagementTokenProvider.rb, line 46
def _getAccessTokenFromServer
  accessToken = nil;
  secret = @options.fetch(:secret, nil)

  if secret
    accessToken = getClientWhenSdkInit()
  else
    accessToken = refreshToken()
  end

  @_accessToken = accessToken;
  decoded_token_array = JWT.decode @_accessToken, nil, false
  payload = decoded_token_array[0]
  # {"data"=>{"type"=>"user", "userPoolId"=>"59f86b4832eb28071bdd9214", "arn"=>"arn:cn:authing:59f86b4832eb28071bdd9214:user:607b0b15aab3a805f7ea6617", "id"=>"607b0b15aab3a805f7ea6617", "userId"=>"607b0b15aab3a805f7ea6617", "_id"=>"607b0b15aab3a805f7ea6617", "phone"=>"13556136684", "email"=>nil, "username"=>nil, "unionid"=>nil, "openid"=>nil, "clientId"=>"59f86b4832eb28071bdd9214"}, "iat"=>1619579553, "exp"=>1620875553}
  exp = payload.dig('exp'); # exp 是过期时间(秒)
  @_accessTokenExpriredAt = exp
  return @_accessToken;
end
getClientWhenSdkInit() click to toggle source

发送 GraphQL 接口请求获取 accessToken

# File lib/authing_ruby/management/ManagementTokenProvider.rb, line 66
def getClientWhenSdkInit
  variables = {
    userPoolId: @options.fetch(:userPoolId, nil),
    secret: @options.fetch(:secret, nil),
  }
  api = AuthingRuby::GraphQLAPI.new
  hash = api.getAccessToken(@graphqlClient, variables)
  # {"data":{"accessToken":{"accessToken":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7InR5cGUiOiJ1[省略]ZWE2NjE3IiwidXNlcks2lkIjoiNjA3YjBiMTVhYWIzYTgwNWY3ZWE2NjE3IiwiX2lkIjoiNjA3YjBiMTVhYWIzYTgwNWY3ZWE2NjE3IiwicGhvbmz3Mzk5M30.K7pwyvbxypeiOlYRsTIlLXY2xyk94tTd-CATQ85jYqM","exp":1620873993,"iat":1619577993}}}
  return hash.dig("data", "accessToken", "accessToken")
end
getToken() click to toggle source

用途:获取 access token,如果没过期就直接返回缓存的版本 如果过期了就重新去获取

# File lib/authing_ruby/management/ManagementTokenProvider.rb, line 32
def getToken()
  accessToken = @options.fetch(:accessToken, nil)
  return accessToken if accessToken
  
  # 缓存到 accessToken 过期前 3600 s
  current_timestamps_in_second = Time.now.to_i
  if @_accessToken && @_accessTokenExpriredAt > current_timestamps_in_second + 3600
    return @_accessToken
  end

  return _getAccessTokenFromServer();
end
refreshToken() click to toggle source
# File lib/authing_ruby/management/ManagementTokenProvider.rb, line 77
def refreshToken
  api = AuthingRuby::GraphQLAPI.new
  accessToken = @options.fetch(:accessToken, nil)
  if accessToken == nil
    raise "无法刷新 token, 因为初始化时没有传入 accessToken"
  end
  hash = api.refreshAccessToken(@graphqlClient, {
    accessToken: accessToken
  })
  # {"errors"=>[{"message"=>{"code"=>500, "message"=>"该 token 在黑名单中"}, "locations"=>[{"line"=>2, "column"=>5}], "path"=>["refreshAccessToken"], "extensions"=>{"code"=>"INTERNAL_SERVER_ERROR", "exception"=>{"name"=>"TokenInBlackListError"}}}], "data"=>nil}
  if hash.dig("errors")
    return hash
  end
  return hash.dig("data", "refreshAccessToken", "accessToken")
end