module Doorkeeper::AccessTokenMixin::ClassMethods

Public Instance Methods

by_refresh_token(refresh_token)

Returns the Doorkeeper::AccessToken instance with the given refresh token value.

@param refresh_token [#to_s] refresh token value (any object that responds to `#to_s`)

@return [Doorkeeper::AccessToken, nil] AccessToken object, or nil if there is no record with such refresh token
# File lib/doorkeeper/models/access_token_mixin.rb, line 35
def by_refresh_token(refresh_token)
  find_by(refresh_token: refresh_token.to_s)
end
by_token(token)

Returns the Doorkeeper::AccessToken instance with the given token value.

@param token [#to_s] token value (any object that responds to `#to_s`)

@return [Doorkeeper::AccessToken, nil] AccessToken object, or nil if there is no record with such token
# File lib/doorkeeper/models/access_token_mixin.rb, line 22
def by_token(token)
  find_by(token: token.to_s)
end
find_or_create_for(application, resource_owner_id, scopes, expires_in, use_refresh_token)

Looks for a non-expired AccessToken record with a matching set of scopes that belongs to the specific Application and Resource Owner. If no such record exists, creates one. The lookup runs only when Doorkeeper.configuration.reuse_access_token is enabled; otherwise a new record is always created.

@param application [Doorkeeper::Application] Application instance

@param resource_owner_id [ActiveRecord::Base, Integer] Resource Owner model instance or its ID

@param scopes [#to_s] set of scopes (any object that responds to `#to_s`)

@param expires_in [Integer] token lifetime in seconds

@param use_refresh_token [Boolean] whether to use the refresh token

@return [Doorkeeper::AccessToken] existing record or a new one

# File lib/doorkeeper/models/access_token_mixin.rb, line 118
def find_or_create_for(application, resource_owner_id, scopes, expires_in, use_refresh_token)
  if Doorkeeper.configuration.reuse_access_token
    access_token = matching_token_for(application, resource_owner_id, scopes)
    if access_token && !access_token.expired?
      return access_token
    end
  end

  create!(
    application_id:    application.try(:id),
    resource_owner_id: resource_owner_id,
    scopes:            scopes.to_s,
    expires_in:        expires_in,
    use_refresh_token: use_refresh_token
  )
end
last_authorized_token_for(application_id, resource_owner_id)

Looks for the most recently created non-revoked Access Token record that belongs to the specific Application and Resource Owner.

@param application_id [Integer] ID of the Application model instance

@param resource_owner_id [Integer] ID of the Resource Owner model instance

@return [Doorkeeper::AccessToken, nil] matching AccessToken object, or nil if nothing was found
# File lib/doorkeeper/models/access_token_mixin.rb, line 146
def last_authorized_token_for(application_id, resource_owner_id)
  ordered_by(:created_at, :desc).
    find_by(application_id: application_id,
            resource_owner_id: resource_owner_id,
            revoked_at: nil)
end
matching_token_for(application, resource_owner_or_id, scopes)

Looks for a non-expired Access Token with a matching set of scopes that belongs to the specific Application and Resource Owner.

@param application [Doorkeeper::Application] Application instance

@param resource_owner_or_id [ActiveRecord::Base, Integer] Resource Owner model instance or its ID

@param scopes [String, Doorkeeper::OAuth::Scopes] set of scopes

@return [Doorkeeper::AccessToken, nil] Access Token instance, or nil if a matching record was not found
# File lib/doorkeeper/models/access_token_mixin.rb, line 67
def matching_token_for(application, resource_owner_or_id, scopes)
  resource_owner_id = if resource_owner_or_id.respond_to?(:to_key)
                        resource_owner_or_id.id
                      else
                        resource_owner_or_id
                      end
  token = last_authorized_token_for(application.try(:id), resource_owner_id)
  if token && scopes_match?(token.scopes, scopes, application.try(:scopes))
    token
  end
end
revoke_all_for(application_id, resource_owner, clock = Time)

Revokes all AccessToken records that have not yet been revoked and are associated with the specific Application and Resource Owner.

@param application_id [Integer] ID of the Application

@param resource_owner [ActiveRecord::Base] instance of the Resource Owner model
# File lib/doorkeeper/models/access_token_mixin.rb, line 47
def revoke_all_for(application_id, resource_owner, clock = Time)
  where(application_id: application_id,
        resource_owner_id: resource_owner.id,
        revoked_at: nil).
    update_all(revoked_at: clock.now.utc)
end
scopes_match?(token_scopes, param_scopes, app_scopes)

Checks whether the token scopes match the scopes from the parameters or the Application scopes (if present).

@param token_scopes [#to_s] set of scopes (any object that responds to `#to_s`)

@param param_scopes [String] scopes from params

@param app_scopes [String] Application scopes

@return [Boolean] true if all scopes are blank or match, and false in other cases
# File lib/doorkeeper/models/access_token_mixin.rb, line 92
def scopes_match?(token_scopes, param_scopes, app_scopes)
  (!token_scopes.present? && !param_scopes.present?) ||
    Doorkeeper::OAuth::Helpers::ScopeChecker.match?(
      token_scopes.to_s,
      param_scopes,
      app_scopes
    )
end
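
The following is an added example, not Doorkeeper code: an in-memory model of how find_or_create_for, matching_token_for, last_authorized_token_for and revoke_all_for interact when token reuse is enabled. Token and TokenStore are hypothetical names, timestamps are plain integers (seconds), and scope matching is assumed to be order-insensitive set equality with the app_scopes argument omitted.

```ruby
# Constructed in-memory stand-in for the access token table (not Doorkeeper code).
Token = Struct.new(:app_id, :owner_id, :scopes, :created_at, :expires_in, :revoked_at) do
  def expired?(now)
    !expires_in.nil? && now >= created_at + expires_in
  end
end

class TokenStore
  attr_reader :rows

  def initialize(reuse:)
    @reuse = reuse # plays the role of the reuse_access_token setting
    @rows = []
  end

  # Newest non-revoked row for the pair; expiry is NOT checked at this step.
  def last_authorized_token_for(app_id, owner_id)
    @rows.select { |t| t.app_id == app_id && t.owner_id == owner_id && t.revoked_at.nil? }
         .max_by(&:created_at)
  end

  # Assumption: both blank, or equal scope sets regardless of order.
  def scopes_match?(token_scopes, param_scopes)
    token_scopes.to_s.split.sort == param_scopes.to_s.split.sort
  end

  # Only the single newest candidate is tested against the requested scopes.
  def matching_token_for(app_id, owner_id, scopes)
    token = last_authorized_token_for(app_id, owner_id)
    token if token && scopes_match?(token.scopes, scopes)
  end

  # Reuse the candidate only if reuse is on and it has not expired; else create.
  def find_or_create_for(app_id, owner_id, scopes, expires_in, now)
    if @reuse
      token = matching_token_for(app_id, owner_id, scopes)
      return token if token && !token.expired?(now)
    end
    Token.new(app_id, owner_id, scopes.to_s, now, expires_in, nil).tap { |t| @rows << t }
  end

  # Marks every still-active row for the pair as revoked.
  def revoke_all_for(app_id, owner_id, now)
    @rows.each do |t|
      t.revoked_at = now if t.app_id == app_id && t.owner_id == owner_id && t.revoked_at.nil?
    end
  end
end
```

Because only the newest non-revoked row is considered, a client that alternates between scope sets gets a new token on each change while the older ones stay valid until they expire or revoke_all_for is called.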