Module: GDS::SSO::BearerToken

Defined in:
lib/gds-sso/bearer_token.rb


Class Method Details

.locate(token_string) ⇒ Object



# File 'lib/gds-sso/bearer_token.rb', line 8

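# Resolves an API bearer token to a local user record.
#
# The token is presented to signon's /user.json endpoint, the JSON reply is
# reshaped by omniauth_style_response, and the result is handed to the
# configured user class. The reshaped details are cached per token with a
# five minute expiry.
#
# @param token_string [String] bearer token taken from the incoming request
# @return [Object, nil] whatever user_klass.find_for_gds_oauth returns, or nil
#   when the token is blank or the lookup raises OAuth2::Error
def self.locate(token_string)
  # A blank token can never identify a user; refuse it before it becomes a
  # cache key or an outbound request to signon.
  return nil if token_string.to_s.strip.empty?

  # NOTE(review): the raw bearer token is part of the cache key, so the cache
  # backend (and anything that lists or logs its keys) holds a usable
  # credential. Consider keying on a digest of the token instead.
  #
  # Assuming Config.cache follows the ActiveSupport::Cache#fetch contract, the
  # block only runs on a miss: a cached entry keeps being served until it
  # expires, so a change made in signon can take up to five minutes to apply.
  user_details = GDS::SSO::Config.cache.fetch(["api-user-cache", token_string], expires_in: 5.minutes) do
    access_token = OAuth2::AccessToken.new(oauth_client, token_string)
    response_body = access_token.get("/user.json?client_id=#{CGI.escape(GDS::SSO::Config.oauth_id)}").body
    omniauth_style_response(response_body)
  end

  GDS::SSO::Config.user_klass.find_for_gds_oauth(user_details)
rescue OAuth2::Error
  # Only OAuth2 failures are mapped to "no user". A malformed body
  # (JSON::ParserError) or a reply without a "user" key (KeyError) raised by
  # omniauth_style_response is not rescued here and reaches the caller.
  nil
end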

.oauth_client ⇒ Object



# File 'lib/gds-sso/bearer_token.rb', line 20

# Returns the OAuth2 client used to talk to signon, building it on first use.
#
# The client is memoised in @oauth_client on the receiver, so the id, secret,
# root URL and connection options are read from GDS::SSO::Config once; later
# changes to the config are not picked up by an already-built client.
#
# @return [OAuth2::Client]
def self.oauth_client
  return @oauth_client if @oauth_client

  config = GDS::SSO::Config
  client_id = config.oauth_id
  client_secret = config.oauth_secret
  root_url = config.oauth_root_url

  # Identifies this library version and the calling app to signon.
  agent = "gds-sso/#{GDS::SSO::VERSION} (#{ENV['GOVUK_APP_NAME']})"
  defaults = { headers: { user_agent: agent } }

  # Hash#merge is shallow: a :headers entry in Config.connection_opts replaces
  # the default headers hash as a whole, user_agent included.
  connection = defaults.merge(config.connection_opts)

  @oauth_client = OAuth2::Client.new(
    client_id,
    client_secret,
    site: root_url,
    connection_opts: connection
  )
end

.omniauth_style_response(response_body) ⇒ Object

Our User code assumes we’re getting our user data back via omniauth and so receiving it in omniauth’s preferred structure. Here we’re addressing signon directly so we need to transform the response ourselves.



# File 'lib/gds-sso/bearer_token.rb', line 37

# Reshapes signon's /user.json body into the nested hash layout that omniauth
# would have produced, which is what the User code expects.
#
# Only the six fields listed below are copied; anything else in the reply is
# dropped. Values are passed through as parsed, with no type or presence
# checks, so a field absent from the reply appears as nil.
#
# @param response_body [String] JSON document with a top-level "user" object
# @return [Hash] hash with "uid", "info" and "extra" keys
# @raise [JSON::ParserError] when response_body is not valid JSON
# @raise [KeyError] when the document has no "user" key
def self.omniauth_style_response(response_body)
  signon_user = JSON.parse(response_body).fetch("user")

  # Builds a hash of the named fields, keeping nil for any that are missing.
  pick = ->(*fields) { fields.to_h { |field| [field, signon_user[field]] } }

  uid = signon_user["uid"]
  info = pick.call("email", "name")
  user_extra = pick.call("permissions", "organisation_slug", "organisation_content_id")

  { "uid" => uid, "info" => info, "extra" => { "user" => user_extra } }
end