class Doorkeeper::AccessGrant

Public Class Methods

by_token(token) click to toggle source
# File lib/support/orm/rethinkdb/access_grant.rb, line 35
def by_token(token)
  find_by_plaintext_token(:token, token)
end
fallback_secret_strategy() click to toggle source

Determine the fallback storing strategy Unless configured, there will be no fallback

@return [Doorkeeper::SecretStoring::Base]

# File lib/support/orm/rethinkdb/access_grant.rb, line 74
def fallback_secret_strategy
  ::Doorkeeper.config.token_secret_fallback_strategy
end
find_by_plaintext_token(attr, token) click to toggle source
# File lib/support/orm/rethinkdb/access_grant.rb, line 39
def find_by_plaintext_token(attr, token)
  # We are not implementing the fallback strategy
  where(attr => secret_strategy.transform_secret(token.to_s)).first
end
generate_code_challenge(code_verifier) click to toggle source

@param code_verifier [#to_s] a one time use value (any object that responds to `#to_s`)

@return [#to_s] An encoded code challenge based on the provided verifier suitable for PKCE validation

# File lib/support/orm/rethinkdb/access_grant.rb, line 49
def generate_code_challenge(code_verifier)
  padded_result = Base64.urlsafe_encode64(Digest::SHA256.digest(code_verifier))
  padded_result.split("=")[0] # Remove any trailing '='
end
pkce_supported?() click to toggle source
# File lib/support/orm/rethinkdb/access_grant.rb, line 54
def pkce_supported?
  true
end
secret_strategy() click to toggle source

Determines the secret storing transformer Unless configured otherwise, uses the plain secret strategy

@return [Doorkeeper::SecretStoring::Base]

# File lib/support/orm/rethinkdb/access_grant.rb, line 64
def secret_strategy
  ::Doorkeeper.config.token_secret_strategy
end

Public Instance Methods

lock!() click to toggle source
# File lib/support/orm/rethinkdb/access_grant.rb, line 83
def lock!; end
plaintext_token() click to toggle source

We keep a volatile copy of the raw token for initial communication The stored refresh_token may be mapped and not available in cleartext.

Some strategies allow restoring stored secrets (e.g. symmetric encryption) while hashing strategies do not, so you cannot rely on this value returning a present value for persisted tokens.

# File lib/support/orm/rethinkdb/access_grant.rb, line 95
def plaintext_token
  if secret_strategy.allows_restoring_secrets?
    secret_strategy.restore_secret(self, :token)
  else
    @raw_token
  end
end
revoke(clock = Time) click to toggle source
# File lib/support/orm/rethinkdb/access_grant.rb, line 103
def revoke(clock = Time)
  self.revoked_at = clock.now.utc
  self.save!
end
transaction() { || ... } click to toggle source
# File lib/support/orm/rethinkdb/access_grant.rb, line 82
def transaction; yield; end
uses_pkce?() click to toggle source
# File lib/support/orm/rethinkdb/access_grant.rb, line 85
def uses_pkce?
  self.code_challenge.present?
end

Private Instance Methods

generate_token() click to toggle source

Generates token value with UniqueToken class.

@return [String] token value

# File lib/support/orm/rethinkdb/access_grant.rb, line 114
def generate_token
  self.ttl = (self.created_at + self.expires_in + 30).to_i if self.created_at && self.expires_in
  if self.token.blank?
    @raw_token = Doorkeeper::OAuth::Helpers::UniqueToken.generate
    secret_strategy.store_secret(self, :token, @raw_token)
  end
end