class ADAL::CachedTokenResponse

Proxy object for a token response with metadata.

Attributes

authority[R]
client_id[R]
token_response[R]

Public Class Methods

from_json(json) click to toggle source

Reconstructs an object from JSON that was serialized with CachedTokenResponse#to_json.

@param JSON raw_json @return CachedTokenResponse

# File lib/adal/cached_token_response.rb, line 73
def self.from_json(json)
  json = JSON.parse(json) if json.instance_of? String
  CachedTokenResponse.new(json['client_id'],
                          Authority.new(*json['authority']),
                          SuccessResponse.new(json['token_response']))
end
new(client, authority, token_response) click to toggle source

Constructs a new CachedTokenResponse.

@param ClientCredential|ClientAssertion|ClientAssertionCertificate

The credentials of the calling client application.

@param Authority authority

The ADAL::Authority object that the response was retrieved from.

@param SuccessResponse token_response

The token response to be cached.
# File lib/adal/cached_token_response.rb, line 39
def initialize(client, authority, token_response)
  unless token_response.instance_of? SuccessResponse
    fail ArgumentError, 'Only SuccessResponses can be cached.'
  end
  @authority = authority
  if client.respond_to? :client_id
    @client = client
    @client_id = client.client_id
  else
    @client = ClientCredential.new(client)
    @client_id = client
  end
  @token_response = token_response
end

Public Instance Methods

==(other) click to toggle source

Since the token cache may be implemented by the user of this library, all means of checking equality must be consistent.

# File lib/adal/cached_token_response.rb, line 161
def ==(other)
  [:authority, :client_id, :token_response].all? do |field|
    (other.respond_to? field) && (send(field) == other.send(field))
  end
end
can_refresh?(other) click to toggle source

Determines if self can be used to refresh other.

@param CachedTokenResponse other @return Boolean

# File lib/adal/cached_token_response.rb, line 85
def can_refresh?(other)
  mrrt? && (authority == other.authority) &&
    (user_info == other.user_info) && (client_id == other.client_id)
end
eql?(other) click to toggle source
# File lib/adal/cached_token_response.rb, line 167
def eql?(other)
  self == other
end
hash() click to toggle source
# File lib/adal/cached_token_response.rb, line 171
def hash
  [authority, client_id, token_response].hash
end
mrrt?() click to toggle source

Is the token a Multi Resource Refresh Token?

@return Boolean

# File lib/adal/cached_token_response.rb, line 154
def mrrt?
  token_response.refresh_token && token_response.resource
end
refresh(new_resource = resource) click to toggle source

Attempts to refresh the access token for a given resource. Note that you can call this method with a different resource even if the token is not an MRRT, but it will fail

@param String resource

The resource that the new access token is beign requested for. Defaults
to using the same resource as the original token.

@return TokenResponse

# File lib/adal/cached_token_response.rb, line 131
def refresh(new_resource = resource)
  token_response = TokenRequest
                   .new(authority, @client)
                   .get_with_refresh_token(refresh_token, new_resource)
  if token_response.instance_of? SuccessResponse
    token_response.parse_id_token(id_token)
  end
  token_response
end
refresh_token=(token) click to toggle source

Changes the refresh token of the underlying token response.

@param String token

# File lib/adal/cached_token_response.rb, line 145
def refresh_token=(token)
  token_response.instance_variable_set(:@refresh_token, token)
  logger.verbose("Updated the refresh token for #{token_response}.")
end
to_json(_ = nil) click to toggle source

Converts the fields in this object and its proxied SuccessResponse into a JSON string.

@param JSON::Ext::Generator::State

We don't care about the state, but JSON::unparse requires this.

@return String

# File lib/adal/cached_token_response.rb, line 61
def to_json(_ = nil)
  JSON.unparse(authority: [authority.host, authority.tenant],
               client_id: client_id,
               token_response: token_response)
end
validate(expiration_buffer_sec = 0) click to toggle source

If the access token is within the expiration buffer of expiring, an attempt will be made to retrieve a new token with the refresh token.

@param Fixnum expiration_buffer_sec

The number of seconds to use as leeway in determining if the token is
expired. A positive buffer will refresh the token early while a negative
buffer will refresh it late. Used to counter clock skew and network
latency.

@return Boolean

True if the token is still valid (even if it was refreshed). False if
the token is expired an unable to be refreshed.
# File lib/adal/cached_token_response.rb, line 102
def validate(expiration_buffer_sec = 0)
  return true if (Time.now + expiration_buffer_sec).to_i < expires_on
  unless refresh_token
    logger.verbose('Cached token is almost expired but no refresh token ' \
                   'is available.')
    return false
  end
  logger.verbose('Cached token is almost expired, attempting to refresh ' \
                 ' with refresh token.')
  refresh_response = refresh
  if refresh_response.instance_of? SuccessResponse
    logger.verbose('Successfully refreshed token in cache.')
    @token_response = refresh_response
    true
  else
    logger.warn('Failed to refresh token in cache with refresh token.')
    false
  end
end

Private Instance Methods

method_missing(method, *args, &block) click to toggle source

CachedTokenResponse is just a proxy for TokenResponse.

Calls superclass method
# File lib/adal/cached_token_response.rb, line 178
def method_missing(method, *args, &block)
  if token_response.respond_to?(method)
    token_response.send(method, *args, &block)
  else
    super(method)
  end
end
respond_to_missing?(method, include_private = false) click to toggle source
Calls superclass method
# File lib/adal/cached_token_response.rb, line 186
def respond_to_missing?(method, include_private = false)
  token_response.respond_to?(method, include_private) || super
end