setsuzoku 0.11.9 → 0.12.54

data/lib/setsuzoku/service/web_service/auth_strategies/basic_auth_strategy.rb

@@ -8,7 +8,7 @@ module Setsuzoku
         # The API OAuth Authentication Interface definition.
         # Any Plugin that implements this must implement all methods required for OAuth.
         #
-        # Defines all necessary methods for handling authentication for any authentication strategy.
+        # Defines all necessary methods for the basic auth strategy.
         class BasicAuthStrategy < WebService::AuthStrategy
           extend T::Sig
           extend T::Helpers
@@ -27,10 +27,12 @@ module Setsuzoku
           sig { override.returns(T::Hash[Symbol, T.untyped]) }
           def auth_headers
             {
+              authorization: {
                 basic_auth: {
-                    username: self.credential.username,
-                    password: self.credential.password
+                  username: self.credential.username,
+                  password: self.credential.password
                 }
+              }
             }
           end
 
@@ -38,7 +40,7 @@ module Setsuzoku
           # if the auth credientials are valid
           #
           #
-          # sig { override.returns(T::Boolean) }
+          sig { override.returns(T::Boolean) }
           def auth_credential_valid?
             true
           end

data/lib/setsuzoku/service/web_service/auth_strategies/custom_auth_strategy.rb

@@ -0,0 +1,66 @@
+# typed: ignore
+# frozen_string_literal: true
+
+module Setsuzoku
+  module Service
+    module WebService
+      module AuthStrategies
+        # The API Custom Authentication Interface definition.
+        # Any Plugin that implements this must implement all methods required for Custom auth.
+        #
+        # Defines all necessary methods for the custom auth strategy.
+        class CustomAuthStrategy < WebService::AuthStrategy
+          extend T::Sig
+          extend T::Helpers
+
+          include StrategyCanUseTokens
+
+          def self.required_instance_methods
+            []
+          end
+
+          def self.credential_class
+            Setsuzoku::Service::WebService::Credentials::CustomAuthCredential
+          end
+
+          #
+          # auth_headers
+          sig { override.returns(T::Hash[Symbol, T.untyped]) }
+          #
+          # Any custom auth headers required to perform authenticated requests.
+          #
+          # @return [Hash] the auth headers.
+          def auth_headers
+            self.credential.auth_headers
+          end
+
+          #
+          # refresh_expired_token!
+          sig { override.void }
+          #
+          # Construct the custom token_request_body and request a token.
+          #
+          # @return [void]
+          def new_token!
+            action = :new_token
+            body = self.credential.auth_actions[action][:body]
+            get_token!(body, action)
+          end
+
+          #
+          # refresh_expired_token!
+          sig { override.void }
+          #
+          # Construct the custom token_request_body and request a token.
+          #
+          # @return [void]
+          def refresh_expired_token!
+            action = :refresh_token
+            body = self.credential.auth_actions[action][:body]
+            get_token!(body, :refresh_token)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/setsuzoku/service/web_service/auth_strategies/o_auth_strategy.rb

@@ -1,4 +1,4 @@
-# typed: false
+# typed: ignore
 # frozen_string_literal: true
 
 module Setsuzoku
@@ -8,11 +8,13 @@ module Setsuzoku
         # The API OAuth Authentication Interface definition.
         # Any Plugin that implements this must implement all methods required for OAuth.
         #
-        # Defines all necessary methods for handling authentication for any authentication strategy.
+        # Defines all necessary methods for the OAuth auth strategy.
         class OAuthStrategy < WebService::AuthStrategy
           extend T::Sig
           extend T::Helpers
 
+          include StrategyCanUseTokens
+
           def self.required_instance_methods
             []
           end
@@ -25,13 +27,18 @@ module Setsuzoku
             24.hours
           end
 
-          # Any api request headers that this service needs to set.
           #
-          # @return [Hash]
+          # auth_headers
           sig { override.returns(T::Hash[Symbol, T.untyped]) }
+          #
+          # Oauth auth headers required to perform authenticated requests.
+          #
+          # @return [Hash] the auth headers.
           def auth_headers
             {
-              token: self.credential.token
+              authorization: {
+                token: self.credential.token
+              }
             }
           end
 
@@ -48,97 +55,26 @@ module Setsuzoku
                               code: args[:code]), :new_token)
           end
 
-          # If the auth credentials are valid for this instance and auth_strategy.
-          #
-          # If the token is invalid we should refresh it. And verify that the credentials are now valid.
-          # Otherwise the credentials are already valid.
-          #
-          # @return [Boolean] true if the auth token is valid for the auth_strategy.
-          sig { override.returns(T::Boolean) }
-          def auth_credential_valid?
-            if token_is_invalid?
-              refresh_expired_token!
-              !token_is_invalid?
-            else
-              true
-            end
-          end
-
-          private
-
-          # Determine whether the token is no longer valid.
-          #
-          # @return [Boolean] true if the token is invalid.
-          sig { returns(T::Boolean) }
-          def token_is_invalid?
-            active = self.credential.status != 'disabled'
-            active && !self.credential.expires_on.blank? &&
-                !self.credential.refresh_token.blank? &&
-                (self.credential.expires_on < refresh_before_expiration_time)
-          end
-
-          sig { returns(DateTime) }
-          def refresh_before_expiration_time
-            45.minutes.from_now.to_datetime
-          end
-
           # Exchange refresh_token for a new token and expires_on.
           #
           # @return [Boolean] true if the credential was refreshed successfully
-          sig { void }
+          sig { override.void }
           def refresh_expired_token!
             get_token!(params(grant_type: 'refresh_token',
                               refresh_token: self.credential.refresh_token), :refresh_token)
           end
 
-          # Exchange code for token, refresh_token and expires_on
-          #
-          # @return void
-          sig { params(code: String, redirect_url: String).void }
-          def custom_token!(code: nil, redirect_url: nil)
-            get_token!(params(grant_type: 'authorization_code',
-                              code: code,
-                              redirect_uri: redirect_url), :refresh_token)
-          end
+          private
 
-          # Exchange code for a new token via POST request to API token url,
-          # and set token, expiry, and status on the integration
           #
-          # @param [Hash] body the request body for the token POST request
+          # uses_token_by_default?
+          sig { returns(T::Boolean) }
           #
-          # @return void
-          sig { params(body: T::Hash[Symbol, String], action: Symbol).void }
-          def get_token!(body, action)
-            success = false
-            request = self.api_strategy.request_class.new(action: action, body: body, without_headers: true)
-
-            resp = self.api_strategy.call_external_api(request: request, strategy: :auth)
-
-            attrs = {}
-            if resp.data && resp.data[:access_token]
-              attrs[:status] = 'active'
-              attrs[:token] = resp.data[:access_token]
-              attrs[:refresh_token] = resp.data[:refresh_token] if resp.data.key?(:refresh_token)
-              attrs[:expires_on] = resp.data[:expires_in].to_i.seconds.from_now if resp.data[:expires_in]
-
-              plugin_attrs = self.plugin.credential_fields_to_update(resp) if self.plugin.respond_to?(:credential_fields_to_update)
-              attrs.merge!(plugin_attrs)
-            else
-              attrs[:status] = 'error'
-            end
-
-            # Only save Setsuzoku known fields, and any additional attributes the plugin specifies
-            # in credential_fields_to_update.
-            if self.credential.respond_to?(:"update_columns")
-              # we issue an update_columns instead of a save/update_attributes
-              # so as to only mutate these attributes
-              # and not any other fields that may have been set for the credential
-              save = self.credential.update_columns(attrs)
-              self.credential.touch if save && self.credential.respond_to?(:"touch")
-              save && resp.success
-            else
-              resp.success
-            end
+          # OAuth auth_strategy always uses a token.
+          #
+          # @return [Boolean] if the auth_strategy uses a token or not.
+          def uses_token_by_default?
+            true
           end
 
           # Add some default params to the params hash.
@@ -150,12 +86,13 @@ module Setsuzoku
           def params(params)
             if params.key?(:redirect_uri)
               params.merge(client_id: self.credential.client_id,
-                           client_secret: self.credential.client_secret)
+                           client_secret: self.credential.client_secret
+              )
             else
               params.merge(client_id: self.credential.client_id,
                            client_secret: self.credential.client_secret,
-                           redirect_uri: self.credential.redirect_url_override.nil? ? self.credential.redirect_url : self.credential.redirect_url_override)
-
+                           redirect_uri: self.credential.redirect_url
+              )
             end
           end
         end

data/lib/setsuzoku/service/web_service/auth_strategies/strategy_can_use_tokens.rb

@@ -0,0 +1,175 @@
+# typed: ignore
+# frozen_string_literal: true
+
+module Setsuzoku
+  module Service
+    module WebService
+      module AuthStrategies
+        # The API OAuth Authentication Interface definition.
+        # Any Plugin that implements this must implement all methods required for OAuth.
+        #
+        # Defines all necessary methods for handling authentication for any authentication strategy.
+        module StrategyCanUseTokens
+          extend T::Sig
+          extend T::Helpers
+
+          #
+          # refresh_expired_token!
+          sig { abstract.void }
+          #
+          # Construct the custom token_request_body and request a token.
+          #
+          # @return [void]
+          def new_token!; end
+
+          #
+          # refresh_expired_token!
+          sig { abstract.void }
+          #
+          # Construct the custom token_request_body and request a token.
+          #
+          # @return [void]
+          def refresh_expired_token!; end
+
+          #
+          # auth_credential_valid?
+          sig { returns(T::Boolean) }
+          #
+          # If the auth credentials are valid for this instance and auth_strategy.
+          #
+          # If the token is invalid we should refresh it. And verify that the credentials are now valid.
+          # Otherwise the credentials are already valid.
+          #
+          # @return [Boolean] true if the auth token is valid for the auth_strategy.
+          def auth_credential_valid?
+            validate_token_credential!
+          end
+
+          private
+
+          #
+          # validate_token_credential!
+          sig { returns(T::Boolean) }
+          #
+          # If the auth credentials are valid for this instance and auth_strategy.
+          #
+          # If the token is invalid we should refresh it. And verify that the credentials are now valid.
+          # Otherwise the credentials are already valid.
+          #
+          # @return [Boolean] true if the auth token is valid for the auth_strategy.
+          def validate_token_credential!
+            if self.credential.status == 'disabled'
+              false
+            elsif uses_token?
+              if token_is_invalid?
+                self.refresh_expired_token!
+                !token_is_invalid?
+              else
+                true
+              end
+            else
+              true
+            end
+          end
+
+          #
+          # uses_token?
+          sig { returns(T::Boolean) }
+          #
+          # If the plugin's auth_strategy should use a token.
+          #
+          # @return [Boolean] if the auth_strategy uses a token or not.
+          def uses_token?
+            uses_token_by_default? || !!self.credential&.uses_token?
+          end
+
+          #
+          # uses_token_by_default?
+          sig { returns(T::Boolean) }
+          #
+          # If the plugin's auth_strategy should use a token by default.
+          # Defaulted to false, OAuth will default to true.
+          #
+          # @return [Boolean] if the auth_strategy uses a token or not.
+          def uses_token_by_default?
+            false
+          end
+
+          #
+          # refresh_expired_token!
+          sig { abstract.void }
+          #
+          # Exchange refresh_token for a new token and expires_on.
+          #
+          # @return [Boolean] true if the credential was refreshed successfully
+          def refresh_expired_token!; end
+
+          #
+          # token_is_invalid?
+          sig { returns(T::Boolean) }
+          #
+          # Determine whether the token is no longer valid.
+          #
+          # @return [Boolean] true if the token is invalid.
+          def token_is_invalid?
+            inactive = self.credential.status != 'active'
+            expired = self.credential.expires_on.present? &&
+                      self.credential.refresh_token.present? &&
+                      (self.credential.expires_on < refresh_before_expiration_time)
+
+            inactive || expired
+          end
+
+          sig { returns(DateTime) }
+          def refresh_before_expiration_time
+            45.minutes.from_now.to_datetime
+          end
+
+          #
+          # get_token!
+          sig { params(body: T::Hash[Symbol, String], action: Symbol).void }
+          #
+          # Exchange code for a new token via POST request to API token url,
+          # and set token, expiry, and status on the integration
+          #
+          # @param [Hash] body the request body for the token POST request
+          #
+          # @return void
+          def get_token!(body, action)
+            success = false
+            request = self.api_strategy.request_class.new(action: action, body: body, without_headers: true)
+
+            resp = self.api_strategy.call_external_api(request: request, strategy: :auth)
+
+            return false unless resp.success
+
+            attrs = self.credential.token_attributes_to_assign(resp)
+            attrs[:status] = if attrs[:token]
+                               'active'
+                             else
+                               'error'
+                             end
+
+            # Assign any additional attributes the plugin's credential needs to know about.
+            # E.g. the extension for a phone_number.
+            plugin_attrs = self.credential.additional_attributes_to_assign(resp) if self.plugin.respond_to?(:credential_fields_to_update)
+            attrs.merge!(plugin_attrs) if plugin_attrs
+
+            # Only save Setsuzoku known fields, and any additional attributes the plugin specifies
+            # in credential_fields_to_update.
+            if self.credential.respond_to?(:"update_columns")
+              # we issue an update_columns instead of a save/update_attributes
+              # so as to only mutate these attributes
+              # and not any other fields that may have been set for the credential
+              save = self.credential.update_columns(attrs)
+              self.credential.touch if save && self.credential.respond_to?(:"touch")
+              save
+            else
+              true
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/setsuzoku/service/web_service/auth_strategy.rb

@@ -1,4 +1,4 @@
-# typed: strict
+# typed: false
 # frozen_string_literal: true
 
 module Setsuzoku
@@ -27,19 +27,6 @@ module Setsuzoku
           extend T::Helpers
           abstract!
 
-          # All auth actions that are implemented.
-          #
-          # @return [Hash] all auth endpoint definitions for the API.
-          sig { abstract.returns(T::Hash[T.untyped, T.untyped]) }
-          def auth_actions; end
-
-          # The base auth url for the plugin.
-          #
-          # @return [String] the auth url.
-          sig { overridable.returns(String) }
-          def auth_base_url
-            self.plugin.api_base_url
-          end
         end
       end
     end