class Doorkeeper::AccessGrant
Public Class Methods
# File lib/support/orm/rethinkdb/access_grant.rb, line 35 def by_token(token) find_by_plaintext_token(:token, token) end
Determine the fallback storing strategy Unless configured, there will be no fallback
@return [Doorkeeper::SecretStoring::Base]
# File lib/support/orm/rethinkdb/access_grant.rb, line 74 def fallback_secret_strategy ::Doorkeeper.config.token_secret_fallback_strategy end
# File lib/support/orm/rethinkdb/access_grant.rb, line 39 def find_by_plaintext_token(attr, token) # We are not implementing the fallback strategy where(attr => secret_strategy.transform_secret(token.to_s)).first end
@param code_verifier [#to_s] a one time use value (any object that responds to `#to_s`)
@return [#to_s] An encoded code challenge based on the provided verifier suitable for PKCE validation
# File lib/support/orm/rethinkdb/access_grant.rb, line 49 def generate_code_challenge(code_verifier) padded_result = Base64.urlsafe_encode64(Digest::SHA256.digest(code_verifier)) padded_result.split("=")[0] # Remove any trailing '=' end
# File lib/support/orm/rethinkdb/access_grant.rb, line 54 def pkce_supported? true end
Determines the secret storing transformer Unless configured otherwise, uses the plain secret strategy
@return [Doorkeeper::SecretStoring::Base]
# File lib/support/orm/rethinkdb/access_grant.rb, line 64 def secret_strategy ::Doorkeeper.config.token_secret_strategy end
Public Instance Methods
# File lib/support/orm/rethinkdb/access_grant.rb, line 83 def lock!; end
We keep a volatile copy of the raw token for initial communication The stored refresh_token may be mapped and not available in cleartext.
Some strategies allow restoring stored secrets (e.g. symmetric encryption) while hashing strategies do not, so you cannot rely on this value returning a present value for persisted tokens.
# File lib/support/orm/rethinkdb/access_grant.rb, line 95 def plaintext_token if secret_strategy.allows_restoring_secrets? secret_strategy.restore_secret(self, :token) else @raw_token end end
# File lib/support/orm/rethinkdb/access_grant.rb, line 103 def revoke(clock = Time) self.revoked_at = clock.now.utc self.save! end
# File lib/support/orm/rethinkdb/access_grant.rb, line 82 def transaction; yield; end
# File lib/support/orm/rethinkdb/access_grant.rb, line 85 def uses_pkce? self.code_challenge.present? end
Private Instance Methods
Generates token value with UniqueToken class.
@return [String] token value
# File lib/support/orm/rethinkdb/access_grant.rb, line 114 def generate_token self.ttl = (self.created_at + self.expires_in + 30).to_i if self.created_at && self.expires_in if self.token.blank? @raw_token = Doorkeeper::OAuth::Helpers::UniqueToken.generate secret_strategy.store_secret(self, :token, @raw_token) end end