class Garage::Strategy::AuthServer::AccessTokenFetcher

Returns an AccessToken from request object or returns nil if failed.

Constants

OPEN_TIMEOUT
READ_TIMEOUT
USER_AGENT

Public Class Methods

fetch(*args) click to toggle source
# File lib/garage/strategy/auth_server.rb, line 51
def self.fetch(*args)
  new(*args).fetch
end
new(request) click to toggle source
# File lib/garage/strategy/auth_server.rb, line 55
def initialize(request)
  @request = request
end

Public Instance Methods

fetch() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 59
def fetch
  if has_any_valid_credentials?
    if has_cacheable_credentials?
      fetch_with_cache
    else
      fetch_without_cache
    end
  else
    nil
  end
rescue Timeout::Error
  raise AuthBackendTimeout.new(OPEN_TIMEOUT, read_timeout)
end

Private Instance Methods

auth_server_url() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 119
def auth_server_url
  Garage.configuration.auth_server_url or raise NoUrlError
end
bearer_token() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 143
def bearer_token
  @bearer_token ||= @request.authorization.try {|o| o.slice(/\ABearer\s+(.+)\z/, 1) }
end
fetch_with_cache() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 147
def fetch_with_cache
  Cache.with_cache("garage_gem/token_cache/#{Garage::VERSION}/#{bearer_token}") do
    fetch_without_cache
  end
end
fetch_without_cache() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 153
def fetch_without_cache
  response = get
  if response.valid?
    Garage::Strategy::AccessToken.new(response.to_hash)
  else
    if response.status_code == 401
      nil
    else
      raise AuthBackendError.new(response)
    end
  end
end
get() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 75
def get
  Tracer.start do |tracer|
    request_header = tracer.inject_trace_context(header)
    tracer.record_http_request('GET', uri.to_s, request_header['User-Agent'])
    raw = http_client.get(path_with_query, request_header)
    tracer.record_http_response(raw.code.to_i, raw['Content-Length'] || 0)
    Response.new(raw)
  end
end
has_any_valid_credentials?() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 127
def has_any_valid_credentials?
  @request.authorization.present? ||
    @request.params[:access_token].present? ||
    @request.params[:bearer_token].present?
end
has_cacheable_credentials?() click to toggle source

Cacheable requests are:

- Bearer token request with `Authorization` header.

We don't cache these requests because they are less requested:

- Bearer token request with query parameter which has been deprecated.
- Any other token type.
# File lib/garage/strategy/auth_server.rb, line 139
def has_cacheable_credentials?
  bearer_token.present?
end
header() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 85
def header
  {
    'Authorization' => @request.authorization,
    'Host' => Garage.configuration.auth_server_host,
    'Resource-Owner-Id' => @request.headers['Resource-Owner-Id'],
    'Scopes' => @request.headers['Scopes'],
    'User-Agent' => USER_AGENT,
    # ActionDispatch::Request#request_id is only available in Rails 5.0 or later.
    'X-Request-Id' => @request.uuid,
  }.reject {|_, v| v.nil? }
end
http_client() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 111
def http_client
  client = Net::HTTP.new(uri.host, uri.port)
  client.use_ssl = true if uri.scheme == 'https'
  client.read_timeout = read_timeout
  client.open_timeout = OPEN_TIMEOUT
  client
end
path_with_query() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 97
def path_with_query
  result = uri.path
  result << "?" + query unless query.empty?
  result
end
query() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 103
def query
  @query ||= @request.params.slice(:access_token, :bearer_token).to_query
end
read_timeout() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 123
def read_timeout
  Garage.configuration.auth_server_timeout or READ_TIMEOUT
end
uri() click to toggle source
# File lib/garage/strategy/auth_server.rb, line 107
def uri
  @uri ||= URI.parse(auth_server_url)
end