zaikio-oauth_client 0.15.0 → 0.15.1.beta1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: fb0748eddd282729e6a9ca264b17a59d58b9822c5e900f1bc3690b2b10549567
4
- data.tar.gz: 191d4f0652fa8dfb9dae28bbfcd550ef8b2114366ef41ad291f25620011e8d3e
3
+ metadata.gz: 5695820de8df28288feb3794016c0288e2dce2d7890a8c3bd9b11685fc39c32f
4
+ data.tar.gz: 2616666c8df490d153339d6953f6066a46f00669dfd037dcc2faf62873b44e9a
5
5
  SHA512:
6
- metadata.gz: 21c66faa4cd6cad8b787b39f919b0e1c30ec718b912f5442ad0fd4c96b7871a0db798bdf84e798d3ddaf441f8ae96819abea31fad7b4a631b12d2983fef378be
7
- data.tar.gz: acc5550981b27d38cb986e0b934d4dad992ea7f3c462d9dd1f6c202a304e4cd13bb8e202db070f66f458e3263606601943d1f078d9967125c89b068d82554126
6
+ metadata.gz: dd7d9785f60d8c025ec461d6ab006f714f7f9abfd83ebffcfcf261c17a386903a6d9a42eb57708fd23b23662060190be1b5fd3089f03c10e0459a5106bcf4268
7
+ data.tar.gz: 1a554847284740a40cd231681572c30a0ae32c441a3da4de9feafdc36ea9057ff66ec93281be4108e4e1e7683c8f550a4bdf4b63153292f295295b29d0007a3f
@@ -26,17 +26,17 @@ module Zaikio
26
26
  end
27
27
 
28
28
  # Scopes
29
- scope :valid, lambda {
30
- where("expires_at > :now", now: Time.current)
29
+ scope :valid, lambda { |valid_until = Time.current|
30
+ where("expires_at > :valid_until", valid_until: valid_until)
31
31
  .where.not(id: Zaikio::JWTAuth.revoked_token_ids)
32
32
  }
33
33
  scope :with_invalid_refresh_token, lambda {
34
34
  where("created_at <= ?", Time.current - Zaikio::AccessToken.refresh_token_valid_for)
35
35
  }
36
- scope :valid_refresh, lambda {
37
- where("expires_at <= :now AND created_at > :created_at_max",
38
- now: Time.current,
39
- created_at_max: Time.current - refresh_token_valid_for)
36
+ scope :valid_refresh, lambda { |valid_until = Time.current|
37
+ where("expires_at <= :valid_until AND created_at > :created_at_max",
38
+ valid_until: valid_until,
39
+ created_at_max: valid_until - refresh_token_valid_for)
40
40
  .where.not(refresh_token: nil)
41
41
  .where.not(id: Zaikio::JWTAuth.revoked_token_ids)
42
42
  }
@@ -44,9 +44,10 @@ module Zaikio
44
44
  where(bearer_type: bearer_type, bearer_id: bearer_id)
45
45
  .where("requested_scopes @> ARRAY[?]::varchar[]", requested_scopes)
46
46
  }
47
- scope :usable, lambda { |options|
48
- by_bearer(**options).valid.or(by_bearer(**options).valid_refresh)
49
- .order(expires_at: :desc)
47
+ scope :usable, lambda { |valid_until: Time.current, **options|
48
+ by_bearer(**options).valid(valid_until).or(
49
+ by_bearer(**options).valid_refresh
50
+ ).order(expires_at: :desc)
50
51
  }
51
52
 
52
53
  def expired?
@@ -72,6 +73,8 @@ module Zaikio
72
73
  end
73
74
 
74
75
  def refresh!
76
+ return unless refresh_token?
77
+
75
78
  Zaikio::OAuthClient.with_oauth_scheme(:basic_auth) do
76
79
  refreshed_token = OAuth2::AccessToken.from_hash(
77
80
  Zaikio::OAuthClient.for(audience),
@@ -80,16 +83,12 @@ module Zaikio
80
83
 
81
84
  destroy
82
85
 
83
- self.class.build_from_access_token(
84
- refreshed_token,
85
- requested_scopes: requested_scopes
86
- ).tap(&:save!)
86
+ self.class.build_from_access_token(refreshed_token, requested_scopes: requested_scopes).tap(&:save!)
87
87
  end
88
88
  rescue OAuth2::Error => e
89
89
  raise unless e.code == "invalid_grant"
90
90
 
91
91
  destroy
92
-
93
92
  nil
94
93
  end
95
94
  end
@@ -69,9 +69,10 @@ module Zaikio
69
69
  token = find_usable_access_token(client_name: client_config.client_name,
70
70
  bearer_type: bearer_type,
71
71
  bearer_id: bearer_id,
72
- requested_scopes: scopes)
72
+ requested_scopes: scopes,
73
+ valid_for: valid_for)
73
74
 
74
- token = token.refresh! if token && (token.expired? || token.expires_at < valid_for.from_now)
75
+ token = token.refresh! if token&.expired?
75
76
 
76
77
  token ||= fetch_new_token(client_config: client_config,
77
78
  bearer_type: bearer_type,
@@ -82,7 +83,7 @@ module Zaikio
82
83
 
83
84
  # Finds the best usable access token. Note that this token may have expired and
84
85
  # would require refreshing.
85
- def find_usable_access_token(client_name:, bearer_type:, bearer_id:, requested_scopes:) # rubocop:disable Metrics/MethodLength
86
+ def find_usable_access_token(client_name:, bearer_type:, bearer_id:, requested_scopes:, valid_for: 30.seconds) # rubocop:disable Metrics/MethodLength
86
87
  configuration.logger.debug "Try to fetch token for client_name: #{client_name}, "\
87
88
  "bearer #{bearer_type}/#{bearer_id}, requested_scopes: #{requested_scopes}"
88
89
 
@@ -92,7 +93,8 @@ module Zaikio
92
93
  .usable(
93
94
  bearer_type: bearer_type,
94
95
  bearer_id: bearer_id,
95
- requested_scopes: requested_scopes
96
+ requested_scopes: requested_scopes,
97
+ valid_until: valid_for.from_now
96
98
  )
97
99
  .first
98
100
  }
@@ -1,5 +1,5 @@
1
1
  module Zaikio
2
2
  module OAuthClient
3
- VERSION = "0.15.0".freeze
3
+ VERSION = "0.15.1.beta1".freeze
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: zaikio-oauth_client
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.15.0
4
+ version: 0.15.1.beta1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Zaikio GmbH
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-08-13 00:00:00.000000000 Z
11
+ date: 2021-08-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: actionpack
@@ -183,9 +183,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
183
183
  version: '0'
184
184
  required_rubygems_version: !ruby/object:Gem::Requirement
185
185
  requirements:
186
- - - ">="
186
+ - - ">"
187
187
  - !ruby/object:Gem::Version
188
- version: '0'
188
+ version: 1.3.1
189
189
  requirements: []
190
190
  rubygems_version: 3.2.3
191
191
  signing_key: