Module: Doorkeeper::AccessTokenMixin

Defined Under Namespace

Modules: ClassMethods

Constant Summary

Constants included from Models::ExpirationTimeSqlMath

Models::ExpirationTimeSqlMath::ADAPTERS_MAPPING, Models::ExpirationTimeSqlMath::WARNING_MESSAGE

Instance Method Summary

Methods included from Models::Scopes

#includes_scope?, #scopes, #scopes=, #scopes_string

Methods included from Models::Accessible

#accessible?

Methods included from Models::Revocable

#revoke, #revoked?

Methods included from Models::Reusable

#reusable?

Methods included from Models::Expirable

#expired?, #expires_at, #expires_in_seconds

Instance Method Details

#acceptable?(scopes) ⇒ Boolean

Indicates if token is acceptable for specific scopes.

Parameters:

  • scopes (Array<String>)

    scopes

Returns:

  • (Boolean)

    true if record is accessible and includes scopes or false in other cases



# File 'lib/doorkeeper/models/access_token_mixin.rb', line 410

def acceptable?(scopes)
  accessible? && includes_scope?(*scopes)
end

#as_json(_options = {}) ⇒ Hash

JSON representation of the Access Token instance.

Returns:

  • (Hash)

    hash with token data



# File 'lib/doorkeeper/models/access_token_mixin.rb', line 354

def as_json(_options = {})
  {
    resource_owner_id: resource_owner_id,
    scope: scopes,
    expires_in: expires_in_seconds,
    application: { uid: application.try(:uid) },
    created_at: created_at.to_i,
  }.tap do |json|
    if Doorkeeper.configuration.polymorphic_resource_owner?
      json[:resource_owner_type] = resource_owner_type
    end
  end
end

#custom_attributes ⇒ Hash

The token’s custom attributes, as defined by the custom_access_token_attributes config option.

Returns:

  • (Hash)

    hash of custom access token attributes.



# File 'lib/doorkeeper/models/access_token_mixin.rb', line 372

def custom_attributes
  self.class.extract_custom_attributes(attributes)
end

#plaintext_refresh_token ⇒ Object

We keep a volatile copy of the raw refresh token for initial communication. The stored refresh_token may be mapped and not available in cleartext.



# File 'lib/doorkeeper/models/access_token_mixin.rb', line 416

def plaintext_refresh_token
  if secret_strategy.allows_restoring_secrets?
    secret_strategy.restore_secret(self, :refresh_token)
  else
    @raw_refresh_token
  end
end

#plaintext_token ⇒ Object

We keep a volatile copy of the raw token for initial communication. The stored refresh_token may be mapped and not available in cleartext.

Some strategies allow restoring stored secrets (e.g. symmetric encryption) while hashing strategies do not, so you cannot rely on this value returning a present value for persisted tokens.



# File 'lib/doorkeeper/models/access_token_mixin.rb', line 430

def plaintext_token
  if secret_strategy.allows_restoring_secrets?
    secret_strategy.restore_secret(self, :token)
  else
    @raw_token
  end
end
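
The sketch below is an added example, not Doorkeeper code: it reproduces the branching of plaintext_token with stand-in classes to show that, under a hashing strategy, the raw value exists only on the instance that generated it and is nil once the record is reloaded. HashingStrategy, ReversibleStrategy, DemoToken, store and issue_and_reload are hypothetical names; the reversible mapping is a toy, not encryption.

```ruby
require "digest"
require "securerandom"

# Hypothetical stand-ins for secret strategies. Only allows_restoring_secrets?
# and restore_secret come from the page; store is an assumed helper name.
module HashingStrategy
  def self.allows_restoring_secrets?; false; end
  def self.store(plain); Digest::SHA256.hexdigest(plain); end
end

module ReversibleStrategy # toy reversible mapping, NOT real encryption
  def self.allows_restoring_secrets?; true; end
  def self.store(plain); plain.reverse; end
  def self.restore_secret(record, attr); record.public_send(attr).reverse; end
end

class DemoToken
  attr_reader :token # mapped value, as it would be persisted

  def initialize(strategy, stored: nil)
    @strategy = strategy
    if stored
      @token = stored                   # loaded from storage: no raw copy exists
    else
      @raw_token = SecureRandom.hex(16) # volatile copy, only on this instance
      @token = strategy.store(@raw_token)
    end
  end

  # Same branching as plaintext_token in the mixin.
  def plaintext_token
    if @strategy.allows_restoring_secrets?
      @strategy.restore_secret(self, :token)
    else
      @raw_token
    end
  end
end

# Returns [plaintext at issuance, plaintext after reload, lookup by mapped value works?]
def issue_and_reload(strategy)
  issued = DemoToken.new(strategy)
  bearer = issued.plaintext_token       # must be handed to the client now
  reloaded = DemoToken.new(strategy, stored: issued.token)
  [bearer, reloaded.plaintext_token, strategy.store(bearer) == reloaded.token]
end
```

With the hashing stand-in, a presented bearer value can still be matched by mapping it and comparing against the stored column, but it cannot be shown to the client again after issuance.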

#revoke_previous_refresh_token! ⇒ Object

Revokes token with `:refresh_token` equal to `:previous_refresh_token` and clears `:previous_refresh_token` attribute.



# File 'lib/doorkeeper/models/access_token_mixin.rb', line 441

def revoke_previous_refresh_token!
  return if !self.class.refresh_token_revoked_on_use? || previous_refresh_token.blank?

  old_refresh_token&.revoke

  if self.class.respond_to?(:with_primary_role)
    self.class.with_primary_role { update_attribute(:previous_refresh_token, "") }
  else
    update_attribute(:previous_refresh_token, "")
  end
end

#same_credential?(access_token) ⇒ Boolean

Indicates whether the token instance has the same credential as the other Access Token.

Parameters:

Returns:

  • (Boolean)

    true if credentials are the same, or false in other cases



# File 'lib/doorkeeper/models/access_token_mixin.rb', line 383

def same_credential?(access_token)
  application_id == access_token.application_id &&
    same_resource_owner?(access_token)
end

#same_resource_owner?(access_token) ⇒ Boolean

Indicates whether the token instance has the same credential as the other Access Token.

Parameters:

Returns:

  • (Boolean)

    true if credentials are the same, or false in other cases



# File 'lib/doorkeeper/models/access_token_mixin.rb', line 395

def same_resource_owner?(access_token)
  if Doorkeeper.configuration.polymorphic_resource_owner?
    resource_owner == access_token.resource_owner
  else
    resource_owner_id == access_token.resource_owner_id
  end
end

#token_type ⇒ Object

Access Token type: Bearer.



# File 'lib/doorkeeper/models/access_token_mixin.rb', line 342

def token_type
  "Bearer"
end

#use_refresh_token? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/doorkeeper/models/access_token_mixin.rb', line 346

def use_refresh_token?
  @use_refresh_token ||= false
  !!@use_refresh_token
end