booth 0.0.1 → 0.0.2

data/lib/booth/adminland/credentials/create.rb

@@ -1,28 +1,26 @@
+# frozen_string_literal: true
+
 module Booth
   module Adminland
     module Credentials
       class Create
-        include ::Booth::MethodObject
+        include Calls
         include ::Booth::Logging
 
+        option :domain
+        option :scope
         option :username
-        option :allowed_modes
-        option :scope, default: -> { :default }
 
         def call
-          creation = ::Booth::Credentials::Create.call(
-            username:,
-            allowed_modes:,
-            scope:
-          )
+          creation = ::Booth::Core::Credentials::Create.call(domain:, scope:, username:)
 
           return creation if creation.failure?
 
           # Not exposing the ActiveRecord model outside of Booth.
-          Tron.success :credential_created,
-                       id: creation.credential.id,
-                       scope: creation.credential.scope,
-                       allowed_modes: creation.credential.allowed_modes.map(&:to_sym)
+          Tron.success :credential_created, id: creation.credential.id,
+                                            domain: creation.credential.domain,
+                                            scope: creation.credential.scope,
+                                            username: creation.credential.username
         end
       end
     end

data/lib/booth/adminland/credentials/index.rb

@@ -0,0 +1,31 @@
+# # frozen_string_literal: true
+
+# module Booth
+#   module Adminland
+#     module Credentials
+#       class Index
+#         include Calls
+#         include ::Booth::Logging
+
+#         option :domain
+#         option :scope
+
+#         def call
+#           # TODO: Pagination
+#           records = Booth::Models::Credential.sorted_scope
+#                                              .where(domain:, scope:)
+#                                              .limit(100)
+#                                              .map do |credential|
+#             # Not exposing ActiveRecord models outside of Booth.
+#             ::Booth::ToStruct.call(id: credential.id,
+#                                    username: credential.username)
+#           end
+
+#           Tron.success :indexed_credentials, records:,
+#                                              domain:,
+#                                              scope:
+#         end
+#       end
+#     end
+#   end
+# end

data/lib/booth/adminland/onboardings/create.rb

@@ -1,22 +1,24 @@
+# frozen_string_literal: true
+
 module Booth
   module Adminland
     module Onboardings
       class Create
-        include ::Booth::MethodObject
+        include Calls
         include ::Booth::Logging
 
         option :credential_id
 
         def call
-          find_action.on_success { validate_action }
-                     .on_success { save_action }
+          do_find_record.on_success { do_validate }
+                        .on_success { do_save }
         end
 
         private
 
-        def find_action
+        def do_find_record
           if credential
-            debug { "Found the credential with id #{credential_id.inspect}, deleting any current onboardings" }
+            log { "Found Credential with ID #{credential_id.inspect}, deleting other onboardings" }
             ::Booth::Models::Onboarding.where(credential_id: credential.id).destroy_all
             Tron.success :credential_exists
           else
@@ -25,27 +27,34 @@ module Booth
           end
         end
 
-        def validate_action
+        def do_validate
           if onboarding.valid?
-            debug { 'The new onboarding record is valid' }
+            log { 'The new onboarding record is valid' }
             Tron.success :record_is_valid
           else
-            debug { "The new onboarding record is invalid: #{onboarding.errors.full_messages.to_sentence}" }
-            Tron.failure :invalid_record, message: onboarding.errors.full_messages.to_sentence
+            log { "The new Onboarding is invalid: #{onboarding.errors.to_a.to_sentence}" }
+            Tron.failure :invalid_record, message: onboarding.errors.to_a.to_sentence
           end
         end
 
-        def save_action
+        def do_save
           if onboarding.save
-            debug { 'Successfully persisted a new onboarding record' }
-            Tron.success :onboarding_created, id: onboarding.id, credential_id: credential.id,
-                                              secret_key: onboarding.secret_key
+            respond_success
           else
-            debug { 'Could not persist a new onboarding record' }
-            Tron.failure :persistence_failed, message: onboarding.errors.full_messages.to_sentence
+            log { 'Could not persist a new onboarding record' }
+            Tron.failure :persistence_failed, message: onboarding.errors.to_a.to_sentence
           end
         end
 
+        def respond_success
+          log { 'Successfully persisted a new onboarding record' }
+          emit 'onboarding.created', id: onboarding.id, credential_id: credential.id
+
+          Tron.success :onboarding_created, id: onboarding.id,
+                                        credential_id: credential.id,
+                                        secret_key: onboarding.secret_key
+        end
+
         def credential
           return @credential if defined?(@credential)
 

data/lib/booth/adminland/onboardings/destroy.rb

@@ -1,9 +1,11 @@
+# frozen_string_literal: true
+
 module Booth
   module Adminland
     module Onboardings
       class Destroy
         include ::Booth::Logging
-        include ::Booth::MethodObject
+        include Calls
 
         option :id, as: :raw_id
 
@@ -16,14 +18,14 @@ module Booth
         def do_verify_id
           return Tron.success :valid_id_syntax if id
 
-          debug { "Invalid Onboarding ID #{raw_id.inspect}" }
+          log { "Invalid Onboarding ID #{raw_id.inspect}" }
           Tron.failure :invalid_id_syntax, id:, credential_id: nil
         end
 
         def do_find_record
           return Tron.success :record_found if record
 
-          debug { "Could not find Onboarding with ID #{id.inspect}" }
+          log { "Could not find Onboarding with ID #{id.inspect}" }
           Tron.failure :onboarding_not_found, id: nil, credential_id: nil
         end
 
@@ -42,7 +44,9 @@ module Booth
         end
 
         def record
-          @record ||= ::Booth::Models::Onboarding.find_by(id:)
+          return @record if defined?(@record)
+
+          @record = ::Booth::Models::Onboarding.find_by(id:)
         end
       end
     end

data/lib/booth/adminland/onboardings/find.rb

@@ -1,91 +1,98 @@
+# frozen_string_literal: true
+
 module Booth
   module Adminland
     module Onboardings
+      # Find a Onboarding either by #id or #credential_id.
       class Find
+        include Calls
         include ::Booth::Logging
-        include ::Booth::MethodObject
 
-        option :id, default: -> {}
-        option :credential_id, default: -> {}, as: :raw_credential_id
-        option :raise_if_missing, default: -> { false }
-        option :only_unused, default: -> { false }
+        option :domain
+        option :scope
+        option :id, as: :raw_id, optional: true
+        option :credential_id, as: :raw_credential_id, optional: true
 
         def call
-          do_check_id
+          do_check_domain
+            .on_success { do_check_id_argument }
+            .on_success { do_check_scope }
+            .on_success { do_check_id }
             .on_success { do_find_onboarding }
-            .on_success { do_check_used }
             .on_success { do_serialize_onboarding }
         end
 
         private
 
-        def do_check_id
-          return Tron.success(:id_is_valid) if onboarding_id || credential_id
+        attr_accessor :onboarding
 
-          Tron.failure :no_id_provided, record: nil
+        # TODO: Actually compare
+        def do_check_domain
+          ::Booth::Syntaxes::Domain.call(domain)
         end
 
-        def do_find_onboarding
-          @onboarding = if onboarding_id
-                          ::Booth::Models::Onboarding.find_by(id: onboarding_id)
-                        else
-                          ::Booth::Models::Onboarding.find_by(credential_id:)
-                        end
-
-          return Tron.success :onboarding_exists if @onboarding
+        def do_check_scope
+          ::Booth::Syntaxes::Scope.call(scope)
+        end
 
-          if onboarding_id
-            debug { "Couldn't find Onboarding with ID #{onboarding_id.inspect}" }
+        def do_check_id_argument
+          if @raw_id == Dry::Initializer::UNDEFINED &&
+             @raw_credential_id == Dry::Initializer::UNDEFINED
+            Tron.failure(:missing_id_or_credential_id)
           else
-            debug { "Couldn't find Onboarding with credential ID #{credential_id.inspect}" }
+            Tron.success(:id_or_credential_id_was_provided)
           end
+        end
 
-          result = Tron.failure :onboarding_not_found, provided_onboarding_id: id.inspect,
-                                                       provided_credential_id: raw_credential_id.inspect,
-                                                       record: nil
-          raise result if raise_if_missing
+        def do_check_id
+          return Tron.success(:id_is_valid) if onboarding_id || credential_id
 
-          result
+          Tron.failure :invalid_id_provided
         end
 
-        def do_check_used
-          return Tron.success :onboarding_is_new if @onboarding.step == :choose_mode
-          return Tron.success :we_allow_used_onboardings unless only_unused
+        def do_find_onboarding
+          self.onboarding = find_onboarding
+
+          return Tron.success :onboarding_exists if onboarding
 
-          error = Tron.failure(:onboarding_already_used, provided_onboarding_id: id.inspect,
-                                                         provided_credential_id: raw_credential_id.inspect,
-                                                         record: nil)
-          raise error if raise_if_missing
+          if onboarding_id
+            log { "Couldn't find Onboarding with ID #{onboarding_id.inspect}" }
+          else
+            log { "Couldn't find Onboarding with credential ID #{credential_id.inspect}" }
+          end
 
-          error
+          Tron.failure :onboarding_not_found, provided_onboarding_id: raw_id,
+                                              provided_credential_id: raw_credential_id
         end
 
         def do_serialize_onboarding
           attributes = @onboarding.attributes
                                   .symbolize_keys
-                                  .slice(:id, :credential_id, :secret_key, :accessed_at, :mode)
-                                  .merge(additional_attributes)
+                                  .slice(:id, :credential_id, :secret_key, :accessed_at, :consumed_at)
+                                  .merge(username: onboarding.username, consumed?: onboarding.consumed?, domain:)
 
-          debug { "Onboarding found ID #{@onboarding.id.inspect} and Credential ID #{@onboarding.credential_id.inspect}" }
-          Tron.success(:onboarding_found, record: ::Booth::ToStruct.call(attributes))
+          log do
+            "Onboarding found ID #{@onboarding.id.inspect} and Credential ID #{@onboarding.credential_id.inspect}"
+          end
+          Tron.success(:onboarding_found, **attributes)
         end
 
         # Helpers
 
         def onboarding_id
-          ::Booth::Syntaxes::Uuid.call(id, raise_if_invalid: false).uuid
+          ::Booth::Syntaxes::Uuid.call(raw_id, raise_if_invalid: false).uuid
         end
 
         def credential_id
           ::Booth::Syntaxes::Uuid.call(raw_credential_id, raise_if_invalid: false).uuid
         end
 
-        def additional_attributes
-          {
-            step: @onboarding.step,
-            username: @onboarding.username,
-            is_completed: @onboarding.completed?,
-          }
+        def find_onboarding
+          if onboarding_id
+            ::Booth::Models::Onboarding.find_by(id: onboarding_id)
+          else
+            ::Booth::Models::Onboarding.find_by(credential_id:)
+          end
         end
       end
     end

data/lib/booth/adminland/onboardings/find_unconsumed.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+module Booth
+  module Adminland
+    module Onboardings
+      # Find a Onboarding that can still be consumed.
+      class FindUnconsumed
+        include Calls
+        include ::Booth::Logging
+
+        option :id, as: :raw_id
+
+        def call
+          do_check_id
+            .on_success { do_find_onboarding }
+            .on_success { do_check_consumed }
+            .on_success { do_serialize_onboarding }
+        end
+
+        private
+
+        attr_accessor :onboarding
+
+        def do_check_id
+          return Tron.success(:id_is_valid) if id
+
+          Tron.failure :no_id_provided, record: nil
+        end
+
+        def do_find_onboarding
+          self.onboarding = Booth::Models::Onboarding.find_by(id:)
+          return Tron.success(:onboarding_exists) if onboarding
+
+          Tron.failure(:onboarding_not_found, id:, record: nil)
+        end
+
+        def do_check_consumed
+          return Tron.success :onboarding_can_be_consumed unless onboarding.consumed?
+
+          Tron.failure(:onboarding_already_consumed, id:, record: nil)
+        end
+
+        def do_serialize_onboarding
+          attributes = onboarding.attributes
+                                 .symbolize_keys
+                                 .slice(:id, :credential_id, :secret_key, :consumed?)
+                                 .merge(username: onboarding.username)
+
+          log { "Onboarding with ID #{@onboarding.id.inspect} found" }
+          Tron.success(:onboarding_found, record: ::Booth::ToStruct.call(attributes))
+        end
+
+        # Helpers
+
+        def id
+          ::Booth::Syntaxes::Uuid.call(raw_id, raise_if_invalid: false).uuid
+        end
+      end
+    end
+  end
+end

data/lib/booth/adminland/onboardings/index.rb

@@ -1,10 +1,13 @@
+# frozen_string_literal: true
+
 module Booth
   module Adminland
     module Onboardings
       class Index
-        include ::Booth::MethodObject
+        include Calls
 
-        option :scope, ->(scope) { ::Booth::Syntaxes::Scope.call(scope).normalized_scope }
+        option :domain, ::Booth::Coercers::Domain
+        option :scope, ::Booth::Coercers::Scope
 
         def call
           Tron.success(:all_onboardings, records:)
@@ -15,7 +18,7 @@ module Booth
         def records
           ::Booth::Models::Onboarding.includes_scope
                                      .sorted_scope
-                                     .where(credential: { scope: })
+                                     .where(credential: { domain:, scope: })
         end
       end
     end

data/lib/booth/adminland/periodic_cleanup.rb

@@ -1,10 +1,15 @@
+# frozen_string_literal: true
+
 module Booth
   module Adminland
     class PeriodicCleanup
-      include ::Booth::MethodObject
+      include Calls
 
       def call
-        # TODO
+        # TODO: Implement cleanup.
+        # - Remove revoked sessions older than a year.
+        # - Remove Credentials without Authenticator older than a year.
+        # - Remove old Authenticators that were added but never completed/tested.
       end
     end
   end

data/lib/booth/adminland.rb

@@ -1,4 +1,7 @@
+# frozen_string_literal: true
+
 module Booth
+  # Public API that you can call in your Rails app.
   module Adminland
     # ------------------
     # Credential Helpers
@@ -8,38 +11,34 @@ module Booth
       ::Booth::Adminland::Credentials::Create.call(...)
     end
 
-
-    # ------------------
+    # --------------
     # Onboarding Helpers
-    # ------------------
+    # --------------
 
-    def self.create_onboarding(...)
-      ::Booth::Adminland::Onboardings::Create.call(...)
+    def self.index_onboardings(...)
+      ::Booth::Adminland::Onboardings::Index.call(...)
     end
 
-    def self.destroy_onboarding(...)
-      ::Booth::Adminland::Onboardings::Destroy.call(...)
+    def self.create_onboarding(...)
+      ::Booth::Adminland::Onboardings::Create.call(...)
     end
 
     def self.find_onboarding(...)
       ::Booth::Adminland::Onboardings::Find.call(...)
     end
 
-    def self.find_onboarding_for_mail_delivery(id:)
-      ::Booth::Adminland::Onboardings::Find.call(id:, only_unused: true, raise_if_missing: true)
+    # For Mailers.
+    def self.find_unconsumed_onboarding(...)
+      ::Booth::Adminland::Onboardings::FindUnconsumed.call(...)
     end
 
-    def self.index_onboardings(...)
-      ::Booth::Adminland::Onboardings::Index.call(...)
+    def self.destroy_onboarding(...)
+      ::Booth::Adminland::Onboardings::Destroy.call(...)
     end
 
-
-
-    # Other
-
-    def self.consume_recovery(...)
-      ::Booth::Adminland::Recoveries::Consume.call(...)
-    end
+    # ----------------
+    # Internal Helpers
+    # ----------------
 
     def self.periodic_cleanup(...)
       ::Booth::Adminland::PeriodicCleanup.call(...)

data/lib/booth/coercers/domain.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Booth
+  module Coercers
+    class Domain
+      def self.call(input)
+        ::Booth::Syntaxes::Domain.call(input).valid_domain
+      end
+    end
+  end
+end

data/lib/booth/coercers/request.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module Booth
+  module Coercers
+    class Request
+      include ::Booth::Logging
+
+      # If `DRY::Initializer` is used, then `Booth::Request` can be used as a
+      # [Coercer](https://dry-rb.org/gems/dry-initializer/3.0/type-constraints/#back-references).
+      #
+      # **Example:**
+      #
+      # ```ruby
+      # class Thing
+      #   extend DRY::Initializer
+      #
+      #   option :request, ::Booth::Coercers::Request  # This uses Booth::Request.call as coercer
+      # end
+      #
+      # # This runs Booth::Request.call(rack_request, self).
+      # thing = Thing.new(request: rack_request)
+      # # (So in .call we have both, rack_request and the new Thing instance available).
+      # ```
+      #
+      # **Parameters:**
+      #
+      # - `request`: See initializer.
+      # - `initializer` - Some instance that called the coercer.
+      #
+      # **Returns:**
+      #
+      # - A new Booth::Request instance.
+      #
+      def self.call(request, initializer)
+        # `initializer` is some instance that is trying to coerce one of its params into a `Booth::Request`.
+        # By convention, that's where we assume the scope to be specified. So we take it from there.
+        #
+        if request.is_a?(::Booth::Request)
+          return request if request.scope == initializer.scope
+
+          # return ::Booth::Request.new(scope: initializer.scope, request: request.send(:request))
+
+          raise "Request has #{request.scope} but #{initializer} has #{initializer.scope}"
+          # request = request.send(:request)
+        end
+
+        ::Booth::Request.new(request:, scope: initializer.scope)
+      end
+    end
+  end
+end

data/lib/booth/coercers/scope.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Booth
+  module Coercers
+    class Scope
+      def self.call(input)
+        ::Booth::Syntaxes::Scope.call(input).normalized_scope
+      end
+    end
+  end
+end

data/lib/booth/comparisons/domain.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Booth
+  module Comparisons
+    # Compares two FQDN (fully quantified domain name).
+    class Domain
+      include ::Booth::Logging
+      include Calls
+
+      option :expected, as: :raw_expected # Might be secret, usually comes from DB
+      option :actual, as: :raw_actual # Can be revealed to end-user, usually comes from request
+
+      def call
+        return Tron.success(:identical_domains) if expected == actual
+
+        log { "The expected domain #{expected.inspect} does not match actual #{actual.inspect}" }
+        Tron.failure :mismatching_domain, expected: raw_expected,
+                                          actual: raw_actual,
+                                          public_message:
+      end
+
+      private
+
+      def expected
+        ::Booth::Syntaxes::Domain.call(raw_expected).valid_domain
+      end
+
+      def actual
+        ::Booth::Syntaxes::Domain.call(raw_actual).valid_domain
+      end
+
+      # TODO: I18n
+      def public_message
+        "The domain #{raw_actual} seems to be wrong."
+      end
+    end
+  end
+end

data/lib/booth/comparisons/scope.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Booth
+  module Comparisons
+    # Compares two scope names.
+    class Scope
+      include ::Booth::Logging
+      include Calls
+
+      option :expected, as: :raw_expected # Might be secret, usually comes from DB
+      option :actual, as: :raw_actual # Can probably be revealed to end-user, comes from Controller
+
+      def call
+        return Tron.success(:identical_scopes) if expected == actual
+
+        log { "The expected scope #{expected.inspect} does not match actual #{actual.inspect}" }
+        Tron.failure :mismatching_scope, expected: raw_expected,
+                                         actual: raw_actual,
+                                         public_message:
+      end
+
+      private
+
+      def expected
+        ::Booth::Syntaxes::Scope.call(raw_expected).normalized_scope
+      end
+
+      def actual
+        ::Booth::Syntaxes::Scope.call(raw_actual).normalized_scope
+      end
+
+      # TODO: I18n
+      def public_message
+        "The scope #{raw_actual} seems to be wrong."
+      end
+    end
+  end
+end