class Doorkeeper::SecretStoring::BCrypt

Plain text secret storing, which is the default but also provides fallback lookup if other secret storing mechanisms are enabled.

Public Class Methods

allows_restoring_secrets?()

Determines whether this strategy supports restoring secrets from the database. This allows detecting users trying to use a non-restorable strategy with reuse_access_tokens.

# File lib/doorkeeper/secret_storing/bcrypt.rb, line 30
def self.allows_restoring_secrets?
  false
end

bcrypt_present?()

Tests whether the BCrypt gem can be required.

# File lib/doorkeeper/secret_storing/bcrypt.rb, line 52
def self.bcrypt_present?
  require "bcrypt"
  true
rescue LoadError
  false
end

secret_matches?(input, stored)

Securely compare the given input value with a stored value processed by transform_secret.

# File lib/doorkeeper/secret_storing/bcrypt.rb, line 20
def self.secret_matches?(input, stored)
  ::BCrypt::Password.new(stored.to_s) == input.to_s
rescue ::BCrypt::Errors::InvalidHash
  false
end

transform_secret(plain_secret)

Return the value to be stored by the database.

@param plain_secret The plain secret input / generated

# File lib/doorkeeper/secret_storing/bcrypt.rb, line 13
def self.transform_secret(plain_secret)
  ::BCrypt::Password.create(plain_secret.to_s)
end
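
Because secret_matches? returns false whenever BCrypt::Password rejects the stored value as an InvalidHash, any row that still holds a non-bcrypt value can never match under this strategy. The following added example (not Doorkeeper's own code) audits stored application secrets by shape alone, without needing the bcrypt gem; the format regex, MIN_COST, classify_secret, audit and the sample rows are assumptions constructed for illustration.

```ruby
# Added example, not part of Doorkeeper. Classifies stored secrets by shape:
# a bcrypt hash in modular crypt format is "$<version>$<cost>$" followed by
# 53 characters (22 of salt, 31 of digest) from the alphabet [A-Za-z0-9./].
BCRYPT_FORMAT = %r{\A\$(?<version>[0-9a-z]{2})\$(?<cost>[0-9]{2})\$(?<salt>[A-Za-z0-9./]{22})(?<digest>[A-Za-z0-9./]{31})\z}

# Assumed policy threshold for this example; not a Doorkeeper setting.
MIN_COST = 12

# Describe one stored value. Anything that does not look like a bcrypt hash
# is what secret_matches? would reject through its InvalidHash rescue.
def classify_secret(stored)
  m = BCRYPT_FORMAT.match(stored.to_s)
  return { kind: :not_bcrypt } unless m

  cost = m[:cost].to_i
  { kind: :bcrypt, version: m[:version], cost: cost, weak_cost: cost < MIN_COST }
end

# Group application uids by finding so the rows that need re-hashing
# (or a higher cost factor) can be listed before enabling the strategy.
def audit(rows)
  report = { bcrypt: [], weak_cost: [], not_bcrypt: [] }
  rows.each do |uid, stored|
    info = classify_secret(stored)
    report[info[:kind]] << uid
    report[:weak_cost] << uid if info[:weak_cost]
  end
  report
end

# Constructed sample rows (hypothetical uids). The "hashes" are shape-only
# placeholders and are not the bcrypt output of any real secret.
SAMPLE_ROWS = {
  "app-a" => '$2a$12$' + ('N' * 53), # well-formed, cost 12
  "app-b" => '$2a$04$' + ('N' * 53), # well-formed, cost below MIN_COST
  "app-c" => 'plain-text-secret',    # never hashed
  "app-d" => nil                     # empty column
}.freeze

audit(SAMPLE_ROWS).each { |finding, uids| puts "#{finding}: #{uids.join(', ')}" }
```

Rows reported as not_bcrypt have to be re-hashed with transform_secret, or their secrets reissued, before clients using them can authenticate against this strategy.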

validate_for(model)

Determines which secrets this strategy is applicable for.

# File lib/doorkeeper/secret_storing/bcrypt.rb, line 36
def self.validate_for(model)
  unless model.to_sym == :application
    raise ArgumentError,
          "'#{name}' can only be used for storing application secrets."
  end

  unless bcrypt_present?
    raise ArgumentError,
          "'#{name}' requires the 'bcrypt' gem being loaded."
  end

  true
end