Module: Legion::Extensions::Identity::Entra::Helpers::Scopes

Defined in:
lib/legion/extensions/identity/entra/helpers/scopes.rb

Constant Summary collapse

BASE =
%w[openid profile email offline_access].freeze

Class Method Summary collapse

Class Method Details

.catalog_for(pattern) ⇒ Object



# File 'lib/legion/extensions/identity/entra/helpers/scopes.rb', line 33

# Returns the built-in scope catalog for an authentication pattern.
#
# The pattern is converted with #to_sym, so "delegated" and :delegated are
# treated alike. Any pattern other than the four handled below yields an
# empty hash instead of an error, so a mistyped pattern contributes no
# catalog scopes rather than failing loudly.
#
# @param pattern [Symbol, String] :delegated, :application,
#   :managed_identity or :workload_identity
# @return [Object] the matching CATEGORIES constant, or {} when the pattern
#   is not recognised
def self.catalog_for(pattern)
  kind = pattern.to_sym
  return Delegated::Scopes::CATEGORIES        if kind == :delegated
  return Application::Scopes::CATEGORIES      if kind == :application
  return ManagedIdentity::Scopes::CATEGORIES  if kind == :managed_identity
  return WorkloadIdentity::Scopes::CATEGORIES if kind == :workload_identity

  # Unknown pattern: no catalog, no exception.
  {}
end

.enabled_categories(pattern:) ⇒ Object



# File 'lib/legion/extensions/identity/entra/helpers/scopes.rb', line 26

# Lists the scope categories that are switched on for a pattern.
#
# Reads the :enabled_categories setting and returns its entries as symbols.
# When the setting is absent, is not an Array, or is an empty Array, the
# result is [:microsoft_graph]. An empty list therefore does not disable
# every category; it restores the default one.
#
# @param pattern [Symbol, String] authentication pattern whose settings are read
# @return [Array<Symbol>] enabled category names
def self.enabled_categories(pattern:)
  listed = setting(pattern, :enabled_categories)
  usable = listed.is_a?(Array) && !listed.empty?

  usable ? listed.map(&:to_sym) : [:microsoft_graph]
end

.resolve(pattern:, categories_hash: nil) ⇒ Object



# File 'lib/legion/extensions/identity/entra/helpers/scopes.rb', line 11

# Builds the space-separated scope string requested for a pattern.
#
# The result is BASE followed by the scopes of every enabled category, with
# duplicates removed and first-seen order preserved. BASE is always part of
# the string, so `offline_access` (a refresh-token request) is included no
# matter which categories are enabled.
#
# NOTE(review): BASE is prepended for every pattern, including :application,
# :managed_identity and :workload_identity. Confirm those flows are meant to
# carry the OpenID Connect scopes and offline_access.
#
# @param pattern [Symbol, String] authentication pattern
# @param categories_hash [Hash, nil] catalog to use instead of the built-in
#   one returned by catalog_for
# @return [String] scopes joined by a single space
def self.resolve(pattern:, categories_hash: nil)
  catalog = categories_hash || catalog_for(pattern)

  extra = enabled_categories(pattern: pattern).flat_map do |category|
    scopes_for(pattern: pattern, category: category, catalog: catalog)
  end

  [*BASE, *extra].uniq.join(' ')
end

.scopes_for(pattern:, category:, catalog: nil) ⇒ Object



# File 'lib/legion/extensions/identity/entra/helpers/scopes.rb', line 18

# Returns the scopes to request for one category of a pattern.
#
# A configured override from settings_scopes_for wins outright: it replaces
# the catalog entry and is not merged with it or checked against it. So the
# settings alone decide what is requested for that category. Without an
# override the category is looked up in +catalog+ (or the built-in catalog),
# and an unknown category yields an empty array.
#
# @param pattern [Symbol, String] authentication pattern
# @param category [Symbol, String] category name as keyed in the catalog
# @param catalog [Hash, nil] catalog to consult instead of catalog_for(pattern)
# @return [Object] the override, the catalog entry, or [] when neither exists
def self.scopes_for(pattern:, category:, catalog: nil)
  settings_scopes_for(pattern: pattern, category: category) ||
    (catalog || catalog_for(pattern)).fetch(category, [])
end

.setting(pattern, key) ⇒ Object



# File 'lib/legion/extensions/identity/entra/helpers/scopes.rb', line 51

# Reads one scope-related setting for a pattern.
#
# Looks up identity -> entra -> <pattern> -> scopes -> <key> through
# Legion::Settings.dig. When Legion::Settings is not defined the method
# returns nil without touching +pattern+, so callers fall back to their
# defaults.
#
# @param pattern [Symbol, String] authentication pattern (converted with #to_sym)
# @param key [Symbol] setting name under :scopes
# @return [Object, nil] whatever Legion::Settings.dig returns, or nil when
#   settings are unavailable
def self.setting(pattern, key)
  if defined?(Legion::Settings)
    Legion::Settings.dig(:identity, :entra, pattern.to_sym, :scopes, key)
  end
end

.settings_scopes_for(pattern:, category:) ⇒ Object



# File 'lib/legion/extensions/identity/entra/helpers/scopes.rb', line 43

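# Looks up an operator-configured scope list for one category.
#
# Reads the :category_overrides setting for the pattern and returns the
# override for +category+ as an array of strings. The key is tried as given,
# then as a String, then as a Symbol. An override is therefore found whether
# or not the settings hash and the caller use the same key type. Without the
# Symbol lookup, a String category silently missed a Symbol-keyed override
# and the default catalog was requested instead.
#
# An override that is missing, is not an Array, or is an empty Array yields
# nil. scopes_for treats nil as "use the catalog entry", so an empty list
# does not mean "request nothing for this category".
#
# Override entries are only stringified. They are not validated against the
# catalog, so the settings source decides which scopes are requested.
#
# @param pattern [Symbol, String] authentication pattern whose settings are read
# @param category [Symbol, String] category name
# @return [Array<String>, nil] configured scopes, or nil when no usable
#   override exists
def self.settings_scopes_for(pattern:, category:)
  overrides = setting(pattern, :category_overrides)
  return nil unless overrides.is_a?(Hash)

  name = category.to_s
  # Exact key first, then both normalised forms.
  val = overrides[category] || overrides[name] || overrides[name.to_sym]
  val.is_a?(Array) && !val.empty? ? val.map(&:to_s) : nil
end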