Class: Aspera::OAuth::Web

Inherits:
Base
  • Object
Defined in:
lib/aspera/oauth/web.rb

Overview

Authentication using Web browser

Instance Attribute Summary

Attributes inherited from Base

#scope

Instance Method Summary collapse

Methods inherited from Base

#create_token_call, #optional_scope_client_id, #token

Constructor Details

#initialize(redirect_uri:, path_authorize: 'authorize', **base_params) ⇒ Web

Returns a new instance of Web.

Parameters:

  • redirect_uri

    URL that receives the authorization code after authentication (the code is then exchanged for a token)

  • path_authorize (defaults to: 'authorize')

    path to login page on web app



# File 'lib/aspera/oauth/web.rb', line 13

# Set up browser-based OAuth authentication.
#
# @param redirect_uri [String] URL that receives the authorization code after login;
#   it is parsed with URI.parse and must use the http or https scheme
# @param path_authorize [String] path of the login page, relative to the base URL
# @param base_params [Hash] remaining keyword arguments, forwarded unchanged to Base
def initialize(redirect_uri:, path_authorize: 'authorize', **base_params)
  super(**base_params)
  @redirect_uri = redirect_uri
  @path_authorize = path_authorize
  parsed = URI.parse(@redirect_uri)
  allowed_schemes = %w[http https]
  Aspera.assert(allowed_schemes.include?(parsed.scheme)){'redirect_uri scheme must be http or https'}
  # NOTE(review): for http/https URIs, URI.parse fills in the default port (80/443) when none
  # is written, so this check does not reject a redirect_uri without an explicit port.
  Aspera.assert(!parsed.port.nil?){'redirect_uri must have a port'}
  # TODO: we could check that host is localhost or local address, as we are going to listen locally
  # NOTE(review): until then, the host of redirect_uri is not validated here, so the
  # authorization code is sent to whatever host the caller configured.
end

Instance Method Details

#create_token ⇒ Object



# File 'lib/aspera/oauth/web.rb', line 27

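# Obtain a token with the OAuth authorization-code grant, using the user's web browser.
#
# Steps: build the login page URL, start a local web server on the redirect URI, open the
# browser on the login page, wait for the redirect, check the returned `state`, then
# exchange the received code for a token.
#
# @return whatever `create_token_call` returns for the `authorization_code` grant
def create_token
  # unpredictable per-request state; compared below with the value returned in the redirect,
  # so that a redirect not triggered by this login attempt is rejected
  random_state = SecureRandom.uuid
  login_page_url = Rest.build_uri(
    "#{@base_url}/#{@path_authorize}",
    optional_scope_client_id.merge(response_type: 'code', redirect_uri: @redirect_uri, state: random_state))
  # NOTE(review): no PKCE parameters (code_challenge / code_verifier) are added in this method;
  # confirm whether Base adds them, as the code is received on a local listener.
  # here, we need a human to authorize on a web page
  # NOTE(review): the logged URL includes the `state` value and the client parameters;
  # confirm that info-level logs are not shared more widely than the session itself.
  Log.log.info{"login_page_url=#{login_page_url}".bg_red.gray}
  # start the web server before the browser, so the redirect cannot arrive before we listen
  web_server = WebAuth.new(@redirect_uri)
  # start browser on login page
  Environment.instance.open_uri(login_page_url)
  # wait for code in request
  received_params = web_server.received_request
  # reject the response before using the code if the state does not match the one we sent
  Aspera.assert(random_state.eql?(received_params['state'])){'wrong received state'}
  # NOTE(review): presence of 'code' is not checked here; presumably a missing code is
  # reported by the token endpoint call below — verify.
  # exchange code for token; redirect_uri is sent again, same value as in the authorize request
  create_token_call(optional_scope_client_id(add_secret: true).merge(
    grant_type:   'authorization_code',
    code:         received_params['code'],
    redirect_uri: @redirect_uri))
end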