module Zaikio::OAuthClient

Constants

VERSION

Attributes

client_name[R]

Public Class Methods

configuration() click to toggle source
# File lib/zaikio/oauth_client.rb, line 18
def configuration
  @configuration ||= Configuration.new
end
configure() { |configuration| ... } click to toggle source
# File lib/zaikio/oauth_client.rb, line 13
def configure
  @configuration ||= Configuration.new
  yield(configuration)
end
fetch_new_token(client_config:, bearer_type:, bearer_id:, scopes:) click to toggle source
# File lib/zaikio/oauth_client.rb, line 109
def fetch_new_token(client_config:, bearer_type:, bearer_id:, scopes:)
  Zaikio::AccessToken.build_from_access_token(
    client_config.token_by_client_credentials(
      bearer_type: bearer_type,
      bearer_id: bearer_id,
      scopes: scopes
    ),
    requested_scopes: scopes
  ).tap(&:save!)
end
find_usable_access_token(client_name:, bearer_type:, bearer_id:, requested_scopes:, valid_for: 30.seconds) click to toggle source

Finds the best usable access token. Note that this token may have expired and would require refreshing.

# File lib/zaikio/oauth_client.rb, line 86
def find_usable_access_token(client_name:, bearer_type:, bearer_id:, requested_scopes:, valid_for: 30.seconds)  # rubocop:disable Metrics/MethodLength
  configuration.logger.debug "Try to fetch token for client_name: #{client_name}, "\
                             "bearer #{bearer_type}/#{bearer_id}, requested_scopes: #{requested_scopes}"

  fetch_access_token = lambda {
    Zaikio::AccessToken
      .where(audience: client_name)
      .usable(
        bearer_type: bearer_type,
        bearer_id: bearer_id,
        requested_scopes: requested_scopes,
        valid_until: valid_for.from_now
      )
      .first
  }

  if configuration.logger.respond_to?(:silence)
    configuration.logger.silence { fetch_access_token.call }
  else
    fetch_access_token.call
  end
end
for(client_name = nil) click to toggle source
# File lib/zaikio/oauth_client.rb, line 22
def for(client_name = nil)
  client_config_for(client_name).oauth_client
end
get_access_token(bearer_id:, client_name: nil, bearer_type: "Person", scopes: nil, valid_for: 30.seconds) click to toggle source

Finds the best possible access token, using the DB or an API call

* If the token has expired, it will be refreshed using the refresh_token flow
  (if this fails, we fallback to getting a new token using client_credentials)
* If the token does not exist, we'll get a new one using the client_credentials flow
# File lib/zaikio/oauth_client.rb, line 65
def get_access_token(bearer_id:, client_name: nil, bearer_type: "Person", scopes: nil, valid_for: 30.seconds)
  client_config = client_config_for(client_name || self.client_name)
  scopes ||= client_config.default_scopes_for(bearer_type)

  token = find_usable_access_token(client_name: client_config.client_name,
                                   bearer_type: bearer_type,
                                   bearer_id: bearer_id,
                                   requested_scopes: scopes,
                                   valid_for: valid_for)

  token = token.refresh! if token&.expired?

  token ||= fetch_new_token(client_config: client_config,
                            bearer_type: bearer_type,
                            bearer_id: bearer_id,
                            scopes: scopes)
  token
end
get_plain_scopes(scopes) click to toggle source
# File lib/zaikio/oauth_client.rb, line 120
def get_plain_scopes(scopes)
  regex = /^((Org|Per)\.)?(.*)$/
  scopes.filter_map do |scope|
    (regex.match(scope) || [])[3]
  end
end
oauth_scheme() click to toggle source
# File lib/zaikio/oauth_client.rb, line 26
def oauth_scheme
  @oauth_scheme ||= :request_body
end
with_auth(options_or_access_token) { |access_token| ... } click to toggle source
# File lib/zaikio/oauth_client.rb, line 45
def with_auth(options_or_access_token, &block)
  access_token = if options_or_access_token.is_a?(Zaikio::AccessToken)
                   options_or_access_token
                 else
                   get_access_token(**options_or_access_token)
                 end

  return unless block

  if configuration.around_auth_block
    configuration.around_auth_block.call(access_token, block)
  else
    yield(access_token)
  end
end
with_client(client_name) { || ... } click to toggle source
# File lib/zaikio/oauth_client.rb, line 37
def with_client(client_name)
  original_client_name = @client_name || nil
  @client_name = client_name
  yield
ensure
  @client_name = original_client_name
end
with_oauth_scheme(scheme = :request_body) { || ... } click to toggle source
# File lib/zaikio/oauth_client.rb, line 30
def with_oauth_scheme(scheme = :request_body)
  @oauth_scheme = scheme
  yield
ensure
  @oauth_scheme = :request_body
end

Private Class Methods

client_config_for(client_name = nil) click to toggle source
# File lib/zaikio/oauth_client.rb, line 129
def client_config_for(client_name = nil)
  raise StandardError.new, "Zaikio::OAuthClient was not configured" unless configuration

  configuration.find!(client_name || configuration.all_client_names.first)
end