Module: Legion::Extensions::MicrosoftTeams::Runners::Auth

Includes:
Helpers::Lex, Helpers::Client
Included in:
Client
Defined in:
lib/legion/extensions/microsoft_teams/runners/auth.rb

Instance Method Summary

Methods included from Helpers::Client

#bot_connection, #graph_connection, #oauth_connection, #user_path

Instance Method Details

#acquire_bot_token(client_id:, client_secret:, scope: 'https://api.botframework.com/.default') ⇒ Object



# File 'lib/legion/extensions/microsoft_teams/runners/auth.rb', line 22

# Requests a token with the client-credentials grant, always against the
# fixed 'botframework.com' tenant.
#
# The response body is returned as-is under +:result+; this method does not
# inspect the HTTP status, so an error body comes back in the same shape as a
# token body (unless the connection itself raises, which is not visible here).
# NOTE(review): on success the body presumably carries the access token, and
# +client_secret+ travels in the form payload, so keep both out of logs and
# persisted task results. Confirm how callers store +:result+.
#
# @param client_id [String] application (client) id of the bot registration
# @param client_secret [String] secret for that application
# @param scope [String] requested scope; defaults to the Bot Framework scope
# @return [Hash] +{ result: <response body> }+
def acquire_bot_token(client_id:, client_secret:,
                      scope: 'https://api.botframework.com/.default', **)
  form = {
    grant_type:    'client_credentials',
    client_id:     client_id,
    client_secret: client_secret,
    scope:         scope
  }
  token_response = oauth_connection(tenant_id: 'botframework.com').post('oauth2/v2.0/token', form)
  { result: token_response.body }
end

#acquire_token(tenant_id:, client_id:, client_secret:, scope: 'https://graph.microsoft.com/.default') ⇒ Object



# File 'lib/legion/extensions/microsoft_teams/runners/auth.rb', line 12

# Requests an application token for +tenant_id+ with the client-credentials
# grant.
#
# The response body is handed back untouched under +:result+; no HTTP status
# check happens here, so token bodies and error bodies share the same shape.
# NOTE(review): the body presumably contains the access token on success and
# the request carries +client_secret+. Treat both as secrets when logging or
# storing the return value; confirm against callers.
#
# @param tenant_id [String] directory (tenant) the token is requested from
# @param client_id [String] application (client) id
# @param client_secret [String] secret for that application
# @param scope [String] requested scope; defaults to the Graph default scope
# @return [Hash] +{ result: <response body> }+
def acquire_token(tenant_id:, client_id:, client_secret:, scope: 'https://graph.microsoft.com/.default', **)
  connection = oauth_connection(tenant_id: tenant_id)
  form = { grant_type: 'client_credentials' }
  form[:client_id] = client_id
  form[:client_secret] = client_secret
  form[:scope] = scope
  { result: connection.post('oauth2/v2.0/token', form).body }
end

#auth_callback(code: nil, state: nil) ⇒ Object Also known as: handle



# File 'lib/legion/extensions/microsoft_teams/runners/auth.rb', line 110

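# Handles the browser redirect back from the authorization endpoint.
#
# Returns a 400 HTML response when +code+ or +state+ is absent or blank.
# Otherwise it emits 'microsoft_teams.oauth.callback' (only when
# Legion::Events is loaded) and returns a 200 HTML success page.
#
# NOTE(review): +state+ is forwarded here, not verified. It has to be compared
# with the value issued together with the authorize URL before +code+ is
# exchanged; presumably the event subscriber does that. Confirm.
# NOTE(review): +authenticated: true+ only records that a code arrived. No
# token has been obtained or validated at this point, and the raw +code+ is
# echoed in +:result+, so the result should not be logged verbatim.
#
# @param code [String, nil] authorization code from the callback query
# @param state [String, nil] opaque state value from the callback query
# @return [Hash] +:result+ plus +:response+ (status, content_type, body)
def auth_callback(code: nil, state: nil, **)
  # An empty string is truthy in Ruby, so a bare `code && state` check would
  # accept `?code=&state=` and report success with nothing to exchange.
  if [code, state].any? { |param| param.to_s.strip.empty? }
    return {
      result:   { error: 'missing_params' },
      response: { status: 400, content_type: 'text/html',
                  body: '<html><body><h2>Missing code or state parameter</h2></body></html>' }
    }
  end

  Legion::Events.emit('microsoft_teams.oauth.callback', code: code, state: state) if defined?(Legion::Events)

  {
    result:   { authenticated: true, code: code, state: state },
    response: { status: 200, content_type: 'text/html',
                body: callback_success_html }
  }
end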

#authorize_url(tenant_id:, client_id:, redirect_uri:, scope:, state:, code_challenge:, code_challenge_method: 'S256') ⇒ Object



# File 'lib/legion/extensions/microsoft_teams/runners/auth.rb', line 71

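# Builds the authorization-code (PKCE) URL on login.microsoftonline.com for
# +tenant_id+.
#
# Query values are form-encoded. The tenant is escaped as a single path
# segment so that a value containing '/', '?' or '#' cannot change the path or
# query of the resulting URL; ordinary tenant ids (GUIDs, domain names,
# 'common') pass through unchanged.
#
# NOTE(review): +state+ should be unpredictable per request and checked again
# when the callback arrives; this method only embeds whatever it is given.
# NOTE(review): +code_challenge_method+ is passed through as supplied. The
# default is 'S256'; callers overriding it with a weaker method lose most of
# PKCE's protection.
#
# @param tenant_id [String] directory (tenant) id or name
# @param client_id [String] application (client) id
# @param redirect_uri [String] callback URI registered for the application
# @param scope [String] space-separated scopes
# @param state [String] opaque value echoed back on the callback
# @param code_challenge [String] PKCE challenge derived from the verifier
# @param code_challenge_method [String] PKCE method, 'S256' by default
# @return [String] absolute authorize URL
def authorize_url(tenant_id:, client_id:, redirect_uri:, scope:, state:,
                  code_challenge:, code_challenge_method: 'S256', **)
  require 'uri'
  # encode_www_form_component writes a space as '+', which is a literal plus
  # inside a path, so map it back to '%20'.
  tenant_segment = URI.encode_www_form_component(tenant_id.to_s).gsub('+', '%20')
  query = URI.encode_www_form(
    client_id:             client_id,
    response_type:         'code',
    redirect_uri:          redirect_uri,
    scope:                 scope,
    state:                 state,
    code_challenge:        code_challenge,
    code_challenge_method: code_challenge_method
  )
  "https://login.microsoftonline.com/#{tenant_segment}/oauth2/v2.0/authorize?#{query}"
end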

#exchange_code(tenant_id:, client_id:, code:, redirect_uri:, code_verifier:, scope: 'OnlineMeetings.Read OnlineMeetingTranscript.Read.All offline_access') ⇒ Object



# File 'lib/legion/extensions/microsoft_teams/runners/auth.rb', line 86

# Redeems an authorization code at the tenant's token endpoint.
#
# The request sends +code_verifier+ and no client secret, i.e. the PKCE proof
# is the only client-side evidence included. The response body is returned
# unmodified under +:result+ with no HTTP status check in this method.
# NOTE(review): on success the body presumably holds access and refresh
# tokens (the default scope includes offline_access). Keep the return value
# out of logs; confirm how callers persist it.
#
# @param tenant_id [String] directory (tenant) id
# @param client_id [String] application (client) id
# @param code [String] authorization code received on the callback
# @param redirect_uri [String] redirect URI sent with the token request
# @param code_verifier [String] PKCE verifier matching the earlier challenge
# @param scope [String] space-separated scopes
# @return [Hash] +{ result: <response body> }+
def exchange_code(tenant_id:, client_id:, code:, redirect_uri:, code_verifier:,
                  scope: 'OnlineMeetings.Read OnlineMeetingTranscript.Read.All offline_access', **)
  form = {
    grant_type:    'authorization_code',
    client_id:     client_id,
    code:          code,
    redirect_uri:  redirect_uri,
    code_verifier: code_verifier,
    scope:         scope
  }
  reply = oauth_connection(tenant_id: tenant_id).post('oauth2/v2.0/token', form)
  { result: reply.body }
end

#poll_device_code(tenant_id:, client_id:, device_code:, interval: 5, timeout: 300) ⇒ Object



# File 'lib/legion/extensions/microsoft_teams/runners/auth.rb', line 42

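# Polls the token endpoint until the device-code flow completes, fails, or
# the deadline passes.
#
# Each round posts the device_code grant. A body with 'access_token' ends the
# loop with +{ result: body }+. 'authorization_pending' and 'slow_down' are
# the only retryable answers; any other 'error' value is returned at once.
# Both retryable answers honour the deadline. Previously only
# 'authorization_pending' checked it, so an endpoint that kept answering
# 'slow_down' held the caller in the loop indefinitely with a growing sleep.
#
# NOTE(review): assumes the connection parses the response into a Hash with
# String keys. Confirm in Helpers::Client.
# NOTE(review): the success body presumably contains tokens; keep it out of
# logs.
#
# @param tenant_id [String] directory (tenant) id
# @param client_id [String] application (client) id
# @param device_code [String] device code obtained from the devicecode request
# @param interval [Numeric] seconds to wait between polls
# @param timeout [Numeric] seconds after which polling gives up
# @return [Hash] +{ result: body }+ on success, otherwise
#   +{ error:, description: }+
def poll_device_code(tenant_id:, client_id:, device_code:, interval: 5, timeout: 300, **)
  conn = oauth_connection(tenant_id: tenant_id)
  deadline = Time.now + timeout
  current_interval = interval

  loop do
    response = conn.post('oauth2/v2.0/token', {
                           grant_type:  'urn:ietf:params:oauth:grant-type:device_code',
                           client_id:   client_id,
                           device_code: device_code
                         })
    body = response.body

    return { result: body } if body['access_token']

    failure = body['error']
    unless %w[authorization_pending slow_down].include?(failure)
      return { error: failure, description: body['error_description'] }
    end

    # Checked before sleeping so a retryable answer never waits past the deadline.
    return { error: 'timeout', description: "Device code flow timed out after #{timeout}s" } if Time.now > deadline

    # 'slow_down' asks the client to back off; widen the interval by 5 seconds.
    current_interval += 5 if failure == 'slow_down'
    sleep(current_interval)
  end
end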

#refresh_delegated_token(tenant_id:, client_id:, refresh_token:, scope: 'OnlineMeetings.Read OnlineMeetingTranscript.Read.All offline_access') ⇒ Object



# File 'lib/legion/extensions/microsoft_teams/runners/auth.rb', line 99

# Trades a refresh token for a new token set at the tenant's token endpoint.
#
# No client secret is sent. The response body is returned unchanged under
# +:result+ and the HTTP status is not inspected in this method.
# NOTE(review): +refresh_token+ is a long-lived credential, and the body
# presumably contains replacement tokens. Neither should reach logs or
# unprotected storage; confirm how callers handle the return value.
#
# @param tenant_id [String] directory (tenant) id
# @param client_id [String] application (client) id
# @param refresh_token [String] refresh token issued earlier
# @param scope [String] space-separated scopes
# @return [Hash] +{ result: <response body> }+
def refresh_delegated_token(tenant_id:, client_id:, refresh_token:,
                            scope: 'OnlineMeetings.Read OnlineMeetingTranscript.Read.All offline_access', **)
  form = {
    grant_type:    'refresh_token',
    client_id:     client_id,
    refresh_token: refresh_token,
    scope:         scope
  }
  connection = oauth_connection(tenant_id: tenant_id)
  refreshed = connection.post('oauth2/v2.0/token', form)
  { result: refreshed.body }
end

#request_device_code(tenant_id:, client_id:, scope: 'OnlineMeetings.Read OnlineMeetingTranscript.Read.All offline_access') ⇒ Object



# File 'lib/legion/extensions/microsoft_teams/runners/auth.rb', line 33

# Starts a device-code flow by posting to the tenant's devicecode endpoint.
#
# Only +client_id+ and +scope+ are sent. The response body is returned
# unchanged under +:result+ with no HTTP status check in this method.
# NOTE(review): the body presumably includes the device code that is later
# polled with; treat it as a short-lived secret and show the user only the
# user-facing code and verification address. Confirm the field names against
# the endpoint's documentation.
#
# @param tenant_id [String] directory (tenant) id
# @param client_id [String] application (client) id
# @param scope [String] space-separated scopes
# @return [Hash] +{ result: <response body> }+
def request_device_code(tenant_id:, client_id:,
                        scope: 'OnlineMeetings.Read OnlineMeetingTranscript.Read.All offline_access', **)
  form = { client_id: client_id, scope: scope }
  started = oauth_connection(tenant_id: tenant_id).post('oauth2/v2.0/devicecode', form)
  { result: started.body }
end