Module: Doorkeeper::AccessGrantMixin::ClassMethods

Defined in:

lib/doorkeeper/models/access_grant_mixin.rb

Instance Method Summary

• #by_token(token) ⇒ Doorkeeper::AccessGrant^?

  Searches for Doorkeeper::AccessGrant record with the specific token value.

• #fallback_secret_strategy ⇒ Doorkeeper::SecretStoring::Base

  Determine the fallback storing strategy Unless configured, there will be no fallback.

• #generate_code_challenge(code_verifier) ⇒ #to_s

  suitable for PKCE validation.

• #pkce_supported? ⇒ Boolean
• #revoke_all_for(application_id, resource_owner, clock = Time) ⇒ Object

  Revokes AccessGrant records that have not been revoked and associated with the specific Application and Resource Owner.

• #secret_strategy ⇒ Doorkeeper::SecretStoring::Base

  Determines the secret storing transformer Unless configured otherwise, uses the plain secret strategy.

Instance Method Details

#by_token(token) ⇒ Doorkeeper::AccessGrant^?

Searches for Doorkeeper::AccessGrant record with the specific token value.

Parameters:

• token (#to_s) —

  token value (any object that responds to ‘#to_s`)

Returns:

• (Doorkeeper::AccessGrant, nil) —

  AccessGrant object or nil if there is no record with such token

# File 'lib/doorkeeper/models/access_grant_mixin.rb', line 32

def by_token(token)
  find_by_plaintext_token(:token, token)
end

#fallback_secret_strategy ⇒ Doorkeeper::SecretStoring::Base

Determine the fallback storing strategy Unless configured, there will be no fallback

Returns:

• (Doorkeeper::SecretStoring::Base)

# File 'lib/doorkeeper/models/access_grant_mixin.rb', line 119

def fallback_secret_strategy
  ::Doorkeeper.config.token_secret_fallback_strategy
end

#generate_code_challenge(code_verifier) ⇒ #to_s

suitable for PKCE validation

Parameters:

• code_verifier (#to_s) —

  a one time use value (any object that responds to ‘#to_s`)

Returns:

• (#to_s) —

  An encoded code challenge based on the provided verifier

# File 'lib/doorkeeper/models/access_grant_mixin.rb', line 95

def generate_code_challenge(code_verifier)
  Base64.urlsafe_encode64(Digest::SHA256.digest(code_verifier), padding: false)
end

#pkce_supported? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/doorkeeper/models/access_grant_mixin.rb', line 99

def pkce_supported?
  column_names.include?("code_challenge")
end

#revoke_all_for(application_id, resource_owner, clock = Time) ⇒ Object

Revokes AccessGrant records that have not been revoked and associated with the specific Application and Resource Owner.

Parameters:

• application_id (Integer) —

  ID of the Application

• resource_owner (ActiveRecord::Base, Integer) —

  instance of the Resource Owner model or it’s ID

# File 'lib/doorkeeper/models/access_grant_mixin.rb', line 44

def revoke_all_for(application_id, resource_owner, clock = Time)
  with_primary_role do
    by_resource_owner(resource_owner)
      .where(
        application_id: application_id,
        revoked_at: nil,
      )
      .update_all(revoked_at: clock.now.utc)
  end
end

#secret_strategy ⇒ Doorkeeper::SecretStoring::Base

Determines the secret storing transformer Unless configured otherwise, uses the plain secret strategy

Returns:

• (Doorkeeper::SecretStoring::Base)

# File 'lib/doorkeeper/models/access_grant_mixin.rb', line 109

def secret_strategy
  ::Doorkeeper.config.token_secret_strategy
end