authlete 0.5.1 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/authlete.rb +24 -1
- data/lib/authlete/api.rb +298 -146
- data/lib/authlete/authentication-server.rb +1 -1
- data/lib/authlete/exception.rb +6 -3
- data/lib/authlete/model/client-extension.rb +135 -135
- data/lib/authlete/model/client-list.rb +128 -128
- data/lib/authlete/model/client.rb +468 -468
- data/lib/authlete/model/hashable.rb +1 -1
- data/lib/authlete/model/pair.rb +102 -102
- data/lib/authlete/model/property.rb +116 -0
- data/lib/authlete/model/request/authentication-callback-request.rb +90 -90
- data/lib/authlete/model/request/authorization-fail-request.rb +107 -104
- data/lib/authlete/model/request/authorization-issue-request.rb +167 -133
- data/lib/authlete/model/request/authorization-request.rb +101 -101
- data/lib/authlete/model/request/client-authorization-delete-request.rb +123 -0
- data/lib/authlete/model/request/client-authorization-get-list-request.rb +123 -0
- data/lib/authlete/model/request/client-authorization-update-request.rb +118 -0
- data/lib/authlete/model/request/client-secret-update-request.rb +121 -0
- data/lib/authlete/model/request/developer-authentication-callback-request.rb +84 -84
- data/lib/authlete/model/request/granted-scopes-request.rb +103 -0
- data/lib/authlete/model/request/introspection-request.rb +117 -39
- data/lib/authlete/model/request/revocation-request.rb +125 -0
- data/lib/authlete/model/request/standard-introspection-request.rb +102 -0
- data/lib/authlete/model/request/token-create-request.rb +250 -0
- data/lib/authlete/model/request/token-fail-request.rb +104 -101
- data/lib/authlete/model/request/token-issue-request.rb +116 -101
- data/lib/authlete/model/request/token-request.rb +127 -121
- data/lib/authlete/model/request/token-update-request.rb +165 -0
- data/lib/authlete/model/request/user-info-issue-request.rb +113 -0
- data/lib/authlete/model/request/user-info-request.rb +102 -0
- data/lib/authlete/model/response/authentication-callback-response.rb +53 -53
- data/lib/authlete/model/response/authorization-fail-response.rb +48 -48
- data/lib/authlete/model/response/authorization-issue-response.rb +85 -48
- data/lib/authlete/model/response/authorization-response.rb +177 -164
- data/lib/authlete/model/response/client-authorization-get-list-response.rb +60 -0
- data/lib/authlete/model/response/client-secret-refresh-response.rb +48 -0
- data/lib/authlete/model/response/client-secret-update-response.rb +48 -0
- data/lib/authlete/model/response/developer-authentication-callback-response.rb +55 -55
- data/lib/authlete/model/response/granted-scopes-get-response.rb +63 -0
- data/lib/authlete/model/response/introspection-response.rb +163 -132
- data/lib/authlete/model/response/revocation-response.rb +49 -0
- data/lib/authlete/model/response/service-creatable-response.rb +50 -50
- data/lib/authlete/model/response/standard-introspection-response.rb +49 -0
- data/lib/authlete/model/response/token-create-response.rb +100 -0
- data/lib/authlete/model/response/token-fail-response.rb +49 -49
- data/lib/authlete/model/response/token-issue-response.rb +138 -49
- data/lib/authlete/model/response/token-response.rb +168 -70
- data/lib/authlete/model/response/token-update-response.rb +62 -0
- data/lib/authlete/model/response/user-info-issue-response.rb +47 -0
- data/lib/authlete/model/response/user-info-response.rb +85 -0
- data/lib/authlete/model/result.rb +44 -44
- data/lib/authlete/model/scope.rb +1 -1
- data/lib/authlete/model/service-list.rb +1 -1
- data/lib/authlete/model/service-owner.rb +1 -1
- data/lib/authlete/model/service.rb +4 -2
- data/lib/authlete/model/sns-credentials.rb +1 -1
- data/lib/authlete/model/tagged-value.rb +97 -97
- data/lib/authlete/utility.rb +1 -1
- data/lib/authlete/version.rb +2 -2
- metadata +24 -2
@@ -0,0 +1,60 @@
|
|
1
|
+
# :nodoc:
|
2
|
+
#
|
3
|
+
# Copyright (C) 2014-2018 Authlete, Inc.
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
|
18
|
+
module Authlete
|
19
|
+
module Model
|
20
|
+
module Response
|
21
|
+
# == Authlete::Model::Response::ClientAuthorizationGetListResponse class
|
22
|
+
#
|
23
|
+
# This class represents a response from Authlete's /api/client/authorization/get/list API.
|
24
|
+
class ClientAuthorizationGetListResponse
|
25
|
+
# Start index of search results (inclusive).
|
26
|
+
# (Integer)
|
27
|
+
attr_accessor :start
|
28
|
+
|
29
|
+
# End index of search results (exclusive).
|
30
|
+
# (Integer)
|
31
|
+
attr_accessor :end
|
32
|
+
|
33
|
+
# Unique Developer ID. (String)
|
34
|
+
attr_accessor :developer
|
35
|
+
|
36
|
+
# The total number of clients that meet the conditions. (Integer)
|
37
|
+
attr_accessor :totalCount
|
38
|
+
alias_method :total_count, :totalCount
|
39
|
+
alias_method :total_count=, :totalCount=
|
40
|
+
|
41
|
+
# The list of clients. (Client array)
|
42
|
+
attr_accessor :clients
|
43
|
+
|
44
|
+
private
|
45
|
+
|
46
|
+
# The constructor which takes a hash that represents a JSON response
|
47
|
+
# from Authlete's /api/client/authorization/get/list API.
|
48
|
+
def initialize(hash = {})
|
49
|
+
@start = extract_integer_value(hash, :start)
|
50
|
+
@end = extract_integer_value(hash, :end)
|
51
|
+
@developer = extract_value(hash, :developer)
|
52
|
+
@totalCount = extract_integer_value(hash, :totalCount)
|
53
|
+
@clients = extract_array_value(hash, :clients) do |element|
|
54
|
+
Authlete::Model::Client.parse(element)
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
@@ -0,0 +1,48 @@
|
|
1
|
+
# :nodoc:
|
2
|
+
#
|
3
|
+
# Copyright (C) 2014-2018 Authlete, Inc.
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
|
18
|
+
module Authlete
|
19
|
+
module Model
|
20
|
+
module Response
|
21
|
+
# == Authlete::Model::Response::ClientSecretRefreshResponse class
|
22
|
+
#
|
23
|
+
# This class represents a response from Authlete's /api/client/secret/refresh/{clientIdentifier} API.
|
24
|
+
class ClientSecretRefreshResponse < Authlete::Model::Result
|
25
|
+
# The new client secret. (String)
|
26
|
+
attr_accessor :newClientSecret
|
27
|
+
alias_method :new_client_secret, :newClientSecret
|
28
|
+
alias_method :new_client_secret=, :newClientSecret=
|
29
|
+
|
30
|
+
# The old client secret. (String)
|
31
|
+
attr_accessor :oldClientSecret
|
32
|
+
alias_method :old_client_secret, :oldClientSecret
|
33
|
+
alias_method :old_client_secret=, :oldClientSecret=
|
34
|
+
|
35
|
+
private
|
36
|
+
|
37
|
+
# The constructor which takes a hash that represents a JSON response
|
38
|
+
# from Authlete's /api/client/secret/refresh/{clientIdentifier} API.
|
39
|
+
def initialize(hash = {})
|
40
|
+
super(hash)
|
41
|
+
|
42
|
+
@newClientSecret = extract_value(hash, :newClientSecret)
|
43
|
+
@oldClientSecret = extract_value(hash, :oldClientSecret)
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
@@ -0,0 +1,48 @@
|
|
1
|
+
# :nodoc:
|
2
|
+
#
|
3
|
+
# Copyright (C) 2014-2018 Authlete, Inc.
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
|
18
|
+
module Authlete
|
19
|
+
module Model
|
20
|
+
module Response
|
21
|
+
# == Authlete::Model::Response::ClientSecretUpdateResponse class
|
22
|
+
#
|
23
|
+
# This class represents a response from Authlete's /api/client/secret/update/{clientIdentifier} API.
|
24
|
+
class ClientSecretUpdateResponse < Authlete::Model::Result
|
25
|
+
# The new client secret. (String)
|
26
|
+
attr_accessor :newClientSecret
|
27
|
+
alias_method :new_client_secret, :newClientSecret
|
28
|
+
alias_method :new_client_secret=, :newClientSecret=
|
29
|
+
|
30
|
+
# The old client secret. (String)
|
31
|
+
attr_accessor :oldClientSecret
|
32
|
+
alias_method :old_client_secret, :oldClientSecret
|
33
|
+
alias_method :old_client_secret=, :oldClientSecret=
|
34
|
+
|
35
|
+
private
|
36
|
+
|
37
|
+
# The constructor which takes a hash that represents a JSON response
|
38
|
+
# from Authlete's /api/client/secret/update/{clientIdentifier} API.
|
39
|
+
def initialize(hash = {})
|
40
|
+
super(hash)
|
41
|
+
|
42
|
+
@newClientSecret = extract_value(hash, :newClientSecret)
|
43
|
+
@oldClientSecret = extract_value(hash, :oldClientSecret)
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
@@ -1,56 +1,56 @@
|
|
1
|
-
# :nodoc:
|
2
|
-
#
|
3
|
-
# Copyright (C) 2014-
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
|
17
|
-
|
18
|
-
module Authlete
|
19
|
-
module Model
|
20
|
-
module Response
|
21
|
-
# == Authlete::Model::Response::DeveloperAuthenticationCallbackResponse class
|
22
|
-
#
|
23
|
-
# This class represents a response from a developer authentication callback endpoint.
|
24
|
-
class DeveloperAuthenticationCallbackResponse
|
25
|
-
include Authlete::Utility
|
26
|
-
# True when the developer has been authenticated (= is a valid developer).
|
27
|
-
attr_accessor :authenticated
|
28
|
-
|
29
|
-
# The unique identifier of the developer.
|
30
|
-
attr_accessor :subject
|
31
|
-
|
32
|
-
# The display name of the developer.
|
33
|
-
attr_accessor :displayName
|
34
|
-
alias_method :display_name, :displayName
|
35
|
-
alias_method :display_name=, :displayName=
|
36
|
-
|
37
|
-
# The constructor which takes a hash that represents a JSON response
|
38
|
-
# from a developer authentication callback endpoint.
|
39
|
-
def initialize(hash = {})
|
40
|
-
@authenticated = extract_boolean_value(hash, :authenticated)
|
41
|
-
@subject = extract_value(hash, :subject)
|
42
|
-
@displayName = extract_value(hash, :displayName)
|
43
|
-
end
|
44
|
-
|
45
|
-
# Generate an array which is usable as a Rack response from this instance.
|
46
|
-
def to_rack_response
|
47
|
-
to_rack_response_json(200, JSON.generate(
|
48
|
-
:authenticated => @authenticated,
|
49
|
-
:subject => @subject,
|
50
|
-
:displayName => @displayName
|
51
|
-
))
|
52
|
-
end
|
53
|
-
end
|
54
|
-
end
|
55
|
-
end
|
1
|
+
# :nodoc:
|
2
|
+
#
|
3
|
+
# Copyright (C) 2014-2018 Authlete, Inc.
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
|
18
|
+
module Authlete
|
19
|
+
module Model
|
20
|
+
module Response
|
21
|
+
# == Authlete::Model::Response::DeveloperAuthenticationCallbackResponse class
|
22
|
+
#
|
23
|
+
# This class represents a response from a developer authentication callback endpoint.
|
24
|
+
class DeveloperAuthenticationCallbackResponse
|
25
|
+
include Authlete::Utility
|
26
|
+
# True when the developer has been authenticated (= is a valid developer).
|
27
|
+
attr_accessor :authenticated
|
28
|
+
|
29
|
+
# The unique identifier of the developer.
|
30
|
+
attr_accessor :subject
|
31
|
+
|
32
|
+
# The display name of the developer.
|
33
|
+
attr_accessor :displayName
|
34
|
+
alias_method :display_name, :displayName
|
35
|
+
alias_method :display_name=, :displayName=
|
36
|
+
|
37
|
+
# The constructor which takes a hash that represents a JSON response
|
38
|
+
# from a developer authentication callback endpoint.
|
39
|
+
def initialize(hash = {})
|
40
|
+
@authenticated = extract_boolean_value(hash, :authenticated)
|
41
|
+
@subject = extract_value(hash, :subject)
|
42
|
+
@displayName = extract_value(hash, :displayName)
|
43
|
+
end
|
44
|
+
|
45
|
+
# Generate an array which is usable as a Rack response from this instance.
|
46
|
+
def to_rack_response
|
47
|
+
to_rack_response_json(200, JSON.generate(
|
48
|
+
:authenticated => @authenticated,
|
49
|
+
:subject => @subject,
|
50
|
+
:displayName => @displayName
|
51
|
+
))
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
56
|
end
|
@@ -0,0 +1,63 @@
|
|
1
|
+
# :nodoc:
|
2
|
+
#
|
3
|
+
# Copyright (C) 2014-2018 Authlete, Inc.
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
|
18
|
+
module Authlete
|
19
|
+
module Model
|
20
|
+
module Response
|
21
|
+
# == Authlete::Model::Response::GrantedScopesGetResponse class
|
22
|
+
#
|
23
|
+
# A class that represents a response from Authlete's
|
24
|
+
# /api/client/granted_scopes/get/{clientId} API.
|
25
|
+
class GrantedScopesGetResponse < Authlete::Model::Result
|
26
|
+
# Service API key. (Integer)
|
27
|
+
attr_accessor :serviceApiKey
|
28
|
+
alias_method :service_api_key, :serviceApiKey
|
29
|
+
alias_method :service_api_key=, :serviceApiKey=
|
30
|
+
|
31
|
+
# Client ID.. (Integer)
|
32
|
+
attr_accessor :clientId
|
33
|
+
alias_method :client_id, :clientId
|
34
|
+
alias_method :client_id=, :clientId=
|
35
|
+
|
36
|
+
# Unique User ID. (String)
|
37
|
+
attr_accessor :subject
|
38
|
+
|
39
|
+
# Scopes granted by the last authorization process. (String array)
|
40
|
+
attr_accessor :latestGrantedScopes
|
41
|
+
alias_method :latest_granted_scopes, :latestGrantedScopes
|
42
|
+
alias_method :latest_granted_scopes=, :latestGrantedScopes=
|
43
|
+
|
44
|
+
# All scopes granted so far. (String array)
|
45
|
+
attr_accessor :mergedGrantedScopes
|
46
|
+
alias_method :merged_granted_scopes, :mergedGrantedScopes
|
47
|
+
alias_method :merged_granted_scopes=, :mergedGrantedScopes=
|
48
|
+
|
49
|
+
# The constructor which takes a hash that represents a JSON response
|
50
|
+
# from /api/client/granted_scopes/get/{clientId} API.
|
51
|
+
def initialize(hash = {})
|
52
|
+
super(hash)
|
53
|
+
|
54
|
+
@serviceApiKey = extract_integer_value(hash, :serviceApiKey)
|
55
|
+
@clientId = extract_integer_value(hash, :clientId)
|
56
|
+
@subject = extract_value(hash, :subject)
|
57
|
+
@latestGrantedScopes = extract_value(hash, :latestGrantedScopes)
|
58
|
+
@mergedGrantedScopes = extract_value(hash, :mergedGrantedScopes)
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
@@ -1,133 +1,164 @@
|
|
1
|
-
# :nodoc:
|
2
|
-
#
|
3
|
-
# Copyright (C) 2014-
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
|
17
|
-
|
18
|
-
module Authlete
|
19
|
-
module Model
|
20
|
-
module Response
|
21
|
-
# == Authlete::Model::Response::IntrospectionResponse class
|
22
|
-
#
|
23
|
-
# A class that represents a response from Authlete's
|
24
|
-
# /api/auth/introspection API.
|
25
|
-
class IntrospectionResponse < Authlete::Model::Result
|
26
|
-
# The next action which the caller of the API should take next.
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
# the
|
31
|
-
|
32
|
-
|
33
|
-
alias_method :client_id
|
34
|
-
|
35
|
-
|
36
|
-
#
|
37
|
-
#
|
38
|
-
attr_accessor :
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
#
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
#
|
50
|
-
attr_accessor :
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
#
|
57
|
-
#
|
58
|
-
attr_accessor :
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
#
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
alias_method
|
82
|
-
alias_method :
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
#
|
88
|
-
#
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
#
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
1
|
+
# :nodoc:
|
2
|
+
#
|
3
|
+
# Copyright (C) 2014-2018 Authlete, Inc.
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
|
18
|
+
module Authlete
|
19
|
+
module Model
|
20
|
+
module Response
|
21
|
+
# == Authlete::Model::Response::IntrospectionResponse class
|
22
|
+
#
|
23
|
+
# A class that represents a response from Authlete's
|
24
|
+
# /api/auth/introspection API.
|
25
|
+
class IntrospectionResponse < Authlete::Model::Result
|
26
|
+
# The next action which the caller of the API should take next.
|
27
|
+
# (String)
|
28
|
+
attr_accessor :action
|
29
|
+
|
30
|
+
# The ID of the client application which is associated with
|
31
|
+
# the access token. (Integer)
|
32
|
+
attr_accessor :clientId
|
33
|
+
alias_method :client_id, :clientId
|
34
|
+
alias_method :client_id=, :clientId=
|
35
|
+
|
36
|
+
# The flag which indicates whether the client ID alias was used when
|
37
|
+
# the authorization request for the access token was made. (String)
|
38
|
+
attr_accessor :clientIdAlias
|
39
|
+
alias_method :client_id_alias, :clientIdAlias
|
40
|
+
alias_method :client_id_alias=, :clientIdAlias=
|
41
|
+
|
42
|
+
# The flag which indicates whether the client ID alias was used when
|
43
|
+
# the authorization request or the token request for the access token
|
44
|
+
# was made. (Boolean)
|
45
|
+
attr_accessor :clientIdAliasUsed
|
46
|
+
alias_method :client_id_alias_used, :clientIdAliasUsed
|
47
|
+
alias_method :client_id_alias_used=, :clientIdAliasUsed=
|
48
|
+
|
49
|
+
# The time at which the access token expires. (Integer)
|
50
|
+
attr_accessor :expiresAt
|
51
|
+
alias_method :expires_at, :expiresAt
|
52
|
+
alias_method :expires_at=, :expiresAt=
|
53
|
+
|
54
|
+
# The subject which is associated with the access token.
|
55
|
+
# This is <tt>nil</tt> if the access token was created
|
56
|
+
# through {Client Credentials Flow}[https://tools.ietf.org/html/rfc6749#section-4.4].
|
57
|
+
# (String)
|
58
|
+
attr_accessor :subject
|
59
|
+
|
60
|
+
# The scopes which is associated with the access token. (String array)
|
61
|
+
attr_accessor :scopes
|
62
|
+
|
63
|
+
# True when the access token exists. (Boolean)
|
64
|
+
attr_accessor :existent
|
65
|
+
|
66
|
+
# True when the access token is usable (= exists and has not expired).
|
67
|
+
# (Boolean)
|
68
|
+
attr_accessor :usable
|
69
|
+
|
70
|
+
# True when the access token covers all the scopes (if specified).
|
71
|
+
# (Boolean)
|
72
|
+
attr_accessor :sufficient
|
73
|
+
|
74
|
+
# True when the access token can be refreshed using its corresponding
|
75
|
+
# refresh token. (Boolean)
|
76
|
+
attr_accessor :refreshable
|
77
|
+
|
78
|
+
# The content of the error response that the service implementation
|
79
|
+
# should return to the client application. (String)
|
80
|
+
attr_accessor :response_content
|
81
|
+
alias_method :response_content, :responseContent
|
82
|
+
alias_method :response_content=, :responseContent=
|
83
|
+
|
84
|
+
# Extra properties associated with the access token. (Property array)
|
85
|
+
attr_accessor :properties
|
86
|
+
|
87
|
+
# The constructor which takes a hash that represents a JSON response
|
88
|
+
# from /api/auth/introspection API.
|
89
|
+
def initialize(hash = {})
|
90
|
+
super(hash)
|
91
|
+
|
92
|
+
@action = extract_value(hash, :action)
|
93
|
+
@clientId = extract_value(hash, :clientId)
|
94
|
+
@clientIdAlias = extract_value(hash, :clientIdAlias)
|
95
|
+
@clientIdAliasUsed = extract_boolean_value(hash, :clientIdAliasUsed)
|
96
|
+
@expiresAt = extract_integer_value(hash, :expiresAt)
|
97
|
+
@subject = extract_value(hash, :subject)
|
98
|
+
@scopes = extract_value(hash, :scopes)
|
99
|
+
@existent = extract_boolean_value(hash, :existent)
|
100
|
+
@usable = extract_boolean_value(hash, :usable)
|
101
|
+
@sufficient = extract_boolean_value(hash, :sufficient)
|
102
|
+
@refreshable = extract_boolean_value(hash, :refreshable)
|
103
|
+
@responseContent = extract_value(hash, :responseContent)
|
104
|
+
@properties = extract_array_value(hash, :scopes) do |element|
|
105
|
+
Authlete::Model::Property.parse(element)
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
109
|
+
alias_method :existent?, :existent
|
110
|
+
alias_method :exists, :existent
|
111
|
+
alias_method :exists?, :existent
|
112
|
+
alias_method :exist, :existent
|
113
|
+
alias_method :exist?, :existent
|
114
|
+
alias_method :usable?, :usable
|
115
|
+
alias_method :sufficient?, :sufficient
|
116
|
+
alias_method :refreshable?, :refreshable
|
117
|
+
|
118
|
+
# Generate an array which is usable as a Rack response from this instance.
|
119
|
+
# When <tt>action</tt> method returns other value than 'OK', the array
|
120
|
+
# returned from this method satisfies RFC 6750.
|
121
|
+
def to_rack_response
|
122
|
+
# 'action' denotes the next action.
|
123
|
+
case @action
|
124
|
+
when 'INTERNAL_SERVER_ERROR'
|
125
|
+
# 500 Internal Server Error
|
126
|
+
# The API request from this implementation was wrong
|
127
|
+
# or an error occurred in Authlete.
|
128
|
+
return to_rack_response_www_authenticate(500, @response_content)
|
129
|
+
|
130
|
+
when 'BAD_REQUEST'
|
131
|
+
# 400 Bad Request
|
132
|
+
# The request from the client application does not
|
133
|
+
# contain an access token.
|
134
|
+
return to_rack_response_www_authenticate(400, @response_content)
|
135
|
+
|
136
|
+
when 'UNAUTHORIZED'
|
137
|
+
# 401 Unauthorized
|
138
|
+
# The presented access token does not exist or has expired.
|
139
|
+
return to_rack_response_www_authenticate(401, @response_content)
|
140
|
+
|
141
|
+
when 'FORBIDDEN'
|
142
|
+
# 403 Forbidden
|
143
|
+
# The access token does not cover the required scopes
|
144
|
+
# or the subject associated with the access token is
|
145
|
+
# different.
|
146
|
+
return to_rack_response_www_authenticate(403, @response_content)
|
147
|
+
|
148
|
+
when 'OK'
|
149
|
+
# The access token is valid (= exists and has not expired).
|
150
|
+
# Basically, the caller won't use the array returned from here.
|
151
|
+
# Instead, it will return the protected resource to the client
|
152
|
+
# application which has presented the valid access token.
|
153
|
+
return [ 200, nil, nil ]
|
154
|
+
|
155
|
+
else
|
156
|
+
# This should not happen.
|
157
|
+
return to_rack_response_www_authenticate(500,
|
158
|
+
'Bearer error="server_error",error_description="Unknown action"')
|
159
|
+
end
|
160
|
+
end
|
161
|
+
end
|
162
|
+
end
|
163
|
+
end
|
133
164
|
end
|