nobrainer_simple_oauth2 0.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 955c0bdff34ddd7464485fcc5f7d4b3d2394d525
+  data.tar.gz: 71ccae573dbb76e7d18b0c7450b02badd230756d
+SHA512:
+  metadata.gz: c090ea2135222a63d4dff028dee177e97456bcb1eca749b77c1088d12dcc654c6e41be5715f83f58fd93b77ce9668328c4b0874acd897b76d01677cf7c59371e
+  data.tar.gz: 666aa53c23421d3dd7fea8f47c9e7947880242cf397da770385640e63289aa3f4832e49b3d7c776506b168105099ec0c3c280049dfe711370ab2e1a916ceee68

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2017 Volodimir Partytskyi
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/lib/nobrainer_simple_oauth2.rb

@@ -0,0 +1,11 @@
+require 'simple_oauth2'
+
+require 'nobrainer_simple_oauth2/mixins/concerns/fields/resource_owner'
+require 'nobrainer_simple_oauth2/mixins/concerns/fields/client'
+require 'nobrainer_simple_oauth2/mixins/concerns/fields/access_token'
+require 'nobrainer_simple_oauth2/mixins/concerns/fields/access_grant'
+
+require 'nobrainer_simple_oauth2/mixins/access_token'
+require 'nobrainer_simple_oauth2/mixins/access_grant'
+require 'nobrainer_simple_oauth2/mixins/resource_owner'
+require 'nobrainer_simple_oauth2/mixins/client'

data/lib/nobrainer_simple_oauth2/mixins/access_grant.rb

@@ -0,0 +1,58 @@
+module NoBrainer
+  module Simple
+    module OAuth2
+      # Includes all the required API, associations, validations and callbacks
+      module AccessGrant
+        extend ActiveSupport::Concern
+
+        include NoBrainer::Simple::OAuth2::Fields::AccessGrant
+
+        included do
+          belongs_to :client, class_name: ::Simple::OAuth2.config.client_class_name,
+                              foreign_key: :client_id, primary_key: :id
+          belongs_to :resource_owner, class_name: ::Simple::OAuth2.config.resource_owner_class_name,
+                                      foreign_key: :resource_owner_id, primary_key: :id
+
+          before_save { self.updated_at = Time.now }
+          before_validation :setup_expiration, if: :new_record?
+
+          # Searches for AccessGrant record with the specific token value
+          #
+          # @param token [#to_s] token value (any object that responds to `#to_s`)
+          #
+          # @return [AccessGrant, nil] AccessGrant object or nil if there is no record with such `#token`
+          #
+          scope(:by_token) { |token| where(token: token.to_s).first }
+
+          # Create a new AccessGrant object
+          #
+          # @param client [Object] Client instance
+          # @param resource_owner [Object] ResourceOwner instance
+          # @param redirect_uri [String] Redirect URI callback
+          # @param scopes [String] set of scopes
+          #
+          # @return [AccessGrant] AccessGrant object
+          #
+          def self.create_for(client, resource_owner, redirect_uri, scopes = nil)
+            create(
+              client_id: client.id,
+              resource_owner_id: resource_owner.id,
+              redirect_uri: redirect_uri,
+              scopes: scopes
+            )
+          end
+
+          private
+
+          # Set lifetime for code value during creating a new record
+          #
+          # @return clock [Time] time object
+          #
+          def setup_expiration
+            self.expires_at = Time.now.utc + ::Simple::OAuth2.config.authorization_code_lifetime if expires_at.nil?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/nobrainer_simple_oauth2/mixins/access_token.rb

@@ -0,0 +1,102 @@
+module NoBrainer
+  module Simple
+    module OAuth2
+      # Includes all the required API, associations, validations and callbacks
+      module AccessToken
+        extend ActiveSupport::Concern
+
+        include NoBrainer::Simple::OAuth2::Fields::AccessToken
+
+        included do # rubocop:disable Metrics/BlockLength
+          before_save { self.updated_at = Time.now }
+          before_validation :setup_expiration, if: :new_record?
+
+          belongs_to :client, class_name: ::Simple::OAuth2.config.client_class_name,
+                              foreign_key: :client_id, primary_key: :id
+          belongs_to :resource_owner, class_name: ::Simple::OAuth2.config.resource_owner_class_name,
+                                      foreign_key: :resource_owner_id, primary_key: :id
+
+          # Searches for AccessToken record with the specific `#token` value
+          #
+          # @param token [#to_s] token value (any object that responds to `#to_s`)
+          #
+          # @return [AccessToken, nil] AccessToken object or nil if there is no record with such `#token`
+          #
+          scope(:by_token) { |token| where(token: token.to_s).first }
+
+          # Returns an instance of the AccessToken with specific `#refresh_token` value
+          #
+          # @param refresh_token [#to_s] refresh token value (any object that responds to `#to_s`)
+          #
+          # @return [AccessToken, nil] AccessToken object or nil if there is no record with such `#refresh_token`
+          #
+          scope(:by_refresh_token) { |refresh_token| where(refresh_token: refresh_token.to_s).first }
+
+          # Create a new AccessToken object
+          #
+          # @param client [Object] Client instance
+          # @param resource_owner [Object] ResourceOwner instance
+          # @param scopes [String] set of scopes
+          #
+          # @return [AccessToken] AccessToken object
+          #
+          def self.create_for(client, resource_owner, scopes = nil)
+            create(
+              client_id: client.id,
+              resource_owner_id: resource_owner.id,
+              scopes: scopes
+            )
+          end
+
+          # Indicates whether the object is expired (`#expires_at` present and expiration time has come)
+          #
+          # @return [Boolean] true if object expired and false in other case
+          #
+          def expired?
+            expires_at && Time.now.utc > expires_at
+          end
+
+          # Indicates whether the object has been revoked
+          #
+          # @return [Boolean] true if revoked, false in other case
+          #
+          def revoked?
+            revoked_at && revoked_at <= Time.now.utc
+          end
+
+          # Revokes the object (updates `:revoked_at` attribute setting its value to the specific time)
+          #
+          # @param clock [Time] time object
+          #
+          def revoke!(revoked_at = Time.now.utc)
+            update!(revoked_at: revoked_at)
+          end
+
+          # Exposes token object to Bearer token
+          #
+          # @return [Hash] bearer token instance
+          #
+          def to_bearer_token
+            {
+              access_token: token,
+              expires_in: expires_at && ::Simple::OAuth2.config.access_token_lifetime.to_i,
+              refresh_token: refresh_token,
+              scope: scopes
+            }
+          end
+
+          private
+
+          # Set lifetime for token value during creating a new record
+          #
+          # @return clock [Time] time object
+          #
+          def setup_expiration
+            expires_in = ::Simple::OAuth2.config.access_token_lifetime.to_i
+            self.expires_at = Time.now.utc + expires_in if expires_at.nil? && !expires_in.nil?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/nobrainer_simple_oauth2/mixins/client.rb

@@ -0,0 +1,27 @@
+module NoBrainer
+  module Simple
+    module OAuth2
+      # Includes all the required API, associations, validations and callbacks
+      module Client
+        extend ActiveSupport::Concern
+
+        include NoBrainer::Simple::OAuth2::Fields::Client
+
+        included do
+          before_save { self.updated_at = Time.now }
+
+          has_many :access_tokens, class_name: ::Simple::OAuth2.config.access_token_class_name, foreign_key: :client_id
+          has_many :access_grants, class_name: ::Simple::OAuth2.config.access_grant_class_name, foreign_key: :client_id
+
+          # Searches for Client record with the specific `#key` value
+          #
+          # @param key [#to_s] key value (any object that responds to `#to_s`)
+          #
+          # @return [Client, nil] Client object or nil if there is no record with such `#key`
+          #
+          scope(:by_key) { |key| where(key: key.to_s).first }
+        end
+      end
+    end
+  end
+end

data/lib/nobrainer_simple_oauth2/mixins/concerns/fields/access_grant.rb

@@ -0,0 +1,35 @@
+module NoBrainer
+  module Simple
+    module OAuth2
+      module Fields
+        # Defines a AccessGrant model with next fields
+        module AccessGrant
+          extend ActiveSupport::Concern
+
+          included do
+            include ::NoBrainer::Document
+            include ::NoBrainer::Document::Timestamps
+
+            field :resource_owner_id, type: String, index: true, required: true
+            field :client_id,         type: String, index: true, required: true
+
+            field :token,
+                  type: String,
+                  required: true,
+                  uniq: true,
+                  index: true,
+                  default: -> { ::Simple::OAuth2.config.token_generator.generate }
+
+            field :redirect_uri, type: String, required: true
+            field :scopes,       type: String
+
+            field :revoked_at, type: Time
+            field :expires_at, type: Time, required: true
+            field :created_at, type: Time, required: true, default: -> { Time.now }
+            field :updated_at, type: Time, required: true, default: -> { Time.now }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/nobrainer_simple_oauth2/mixins/concerns/fields/access_token.rb

@@ -0,0 +1,40 @@
+module NoBrainer
+  module Simple
+    module OAuth2
+      module Fields
+        # Defines a AccessToken model with next fields
+        module AccessToken
+          extend ActiveSupport::Concern
+
+          included do
+            include ::NoBrainer::Document
+            include ::NoBrainer::Document::Timestamps
+
+            field :resource_owner_id, type: String, index: true, required: true
+            field :client_id,         type: String, index: true, required: true
+            field :token,
+                  type: String,
+                  index: true,
+                  required: true,
+                  uniq: true,
+                  default: -> { ::Simple::OAuth2.config.token_generator.generate }
+            field :refresh_token,
+                  type: String,
+                  index: true,
+                  uniq: true,
+                  default: -> do
+                    ::Simple::OAuth2.config.issue_refresh_token ? ::Simple::OAuth2.config.token_generator.generate : ''
+                  end
+
+            field :scopes,     type: String
+
+            field :revoked_at, type: Time
+            field :expires_at, type: Time, required: true
+            field :created_at, type: Time, required: true, default: -> { Time.now }
+            field :updated_at, type: Time, required: true, default: -> { Time.now }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/nobrainer_simple_oauth2/mixins/concerns/fields/client.rb

@@ -0,0 +1,36 @@
+module NoBrainer
+  module Simple
+    module OAuth2
+      module Fields
+        # Defines a Client model with next fields
+        module Client
+          extend ActiveSupport::Concern
+
+          included do
+            include ::NoBrainer::Document
+            include ::NoBrainer::Document::Timestamps
+
+            field :name,         type: String, required: true
+            field :redirect_uri, type: String, required: true
+
+            field :key,
+                  type: String,
+                  required: true,
+                  index: true,
+                  uniq: true,
+                  default: -> { ::Simple::OAuth2.config.token_generator.generate }
+            field :secret,
+                  type: String,
+                  required: true,
+                  index: true,
+                  uniq: true,
+                  default: -> { ::Simple::OAuth2.config.token_generator.generate }
+
+            field :created_at, type: Time, required: true, default: -> { Time.now }
+            field :updated_at, type: Time, required: true, default: -> { Time.now }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/nobrainer_simple_oauth2/mixins/concerns/fields/resource_owner.rb

@@ -0,0 +1,19 @@
+module NoBrainer
+  module Simple
+    module OAuth2
+      module Fields
+        # Defines a ResourceOwner model with next fields
+        module ResourceOwner
+          extend ActiveSupport::Concern
+
+          included do
+            include ::NoBrainer::Document
+
+            field :username, type: String, required: true, index: true, uniq: true
+            field :encrypted_password, type: String, required: true, length: (8..32)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/nobrainer_simple_oauth2/mixins/resource_owner.rb

@@ -0,0 +1,27 @@
+module NoBrainer
+  module Simple
+    module OAuth2
+      # Includes all the required API, associations, validations and callbacks
+      module ResourceOwner
+        extend ActiveSupport::Concern
+
+        include NoBrainer::Simple::OAuth2::Fields::ResourceOwner
+
+        included do
+          # Searches for ResourceOwner record with the specific params
+          #
+          # @param _client [Object] Client instance
+          # @param username [String, #to_s] username value (any object that responds to `#to_s`)
+          # @param password [String] password value
+          #
+          # @return [ResourceOwner, nil] ResourceOwner object or nil if there is no record with such params
+          #
+          def self.oauth_authenticate(_client, username, password)
+            user = where(username: username.to_s).first
+            user if user && user.encrypted_password == password
+          end
+        end
+      end
+    end
+  end
+end

data/lib/nobrainer_simple_oauth2/version.rb

@@ -0,0 +1,29 @@
+module NoBrainer
+  module Simple
+    # Semantic versioning
+    module OAuth2
+      # NoBrainerSimpleOAuth2 version
+      #
+      # @return [Gem::Version] version of the gem
+      #
+      def self.gem_version
+        Gem::Version.new VERSION::STRING
+      end
+
+      # NoBrainerSimpleOAuth2 semantic versioning module.
+      # Contains detailed info about gem version
+      module VERSION
+        # Level changes for implementation level detail changes, such as small bug fixes
+        PATCH = 0
+        # Level changes for any backwards compatible API changes, such as new functionality/features
+        MINOR = 0
+        # Level changes for backwards incompatible API changes,
+        # such as changes that will break existing users code if they update
+        MAJOR = 0
+
+        # Full gem version string
+        STRING = [MAJOR, MINOR, PATCH].join('.')
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,82 @@
+--- !ruby/object:Gem::Specification
+name: nobrainer_simple_oauth2
+version: !ruby/object:Gem::Version
+  version: 0.0.0
+platform: ruby
+authors:
+- Volodimir Partytskyi
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-01-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: simple_oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: nobrainer
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.33.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.33.0
+description: NoBrainer mixin for SimpleOAuth2 authorization
+email: volodimir.partytskyi@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- lib/nobrainer_simple_oauth2.rb
+- lib/nobrainer_simple_oauth2/mixins/access_grant.rb
+- lib/nobrainer_simple_oauth2/mixins/access_token.rb
+- lib/nobrainer_simple_oauth2/mixins/client.rb
+- lib/nobrainer_simple_oauth2/mixins/concerns/fields/access_grant.rb
+- lib/nobrainer_simple_oauth2/mixins/concerns/fields/access_token.rb
+- lib/nobrainer_simple_oauth2/mixins/concerns/fields/client.rb
+- lib/nobrainer_simple_oauth2/mixins/concerns/fields/resource_owner.rb
+- lib/nobrainer_simple_oauth2/mixins/resource_owner.rb
+- lib/nobrainer_simple_oauth2/version.rb
+homepage: https://github.com/simple-oauth2/nobrainer_simple_oauth2
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.2.2
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.8
+signing_key: 
+specification_version: 4
+summary: Mixin for NoBrainer ORM
+test_files: []