Implementing feedback changes
JeremyC-za committed Feb 3, 2023
1 parent b580c18 commit e4ae754
Showing 9 changed files with 34 additions and 32 deletions.
2 changes: 1 addition & 1 deletion app/controllers/doorkeeper/authorizations_controller.rb
@@ -88,7 +88,7 @@ def pre_auth_params
end

def pre_auth_param_fields
Doorkeeper.configuration.custom_access_token_fields + %i[
Doorkeeper.configuration.custom_access_token_attributes + %i[
client_id
code_challenge
code_challenge_method
6 changes: 3 additions & 3 deletions lib/doorkeeper/config.rb
@@ -323,11 +323,11 @@ def configure_secrets_for(type, using:, fallback:)

# Allows additional data to be received when granting access to an Application, and for this
# additional data to be sent with subsequently generated access tokens. The access grant and
# access token models will both need to respond to the specified field names.
# access token models will both need to respond to the specified attribute names.
#
# @param fields [Array] The array of custom field names to be saved
# @param attributes [Array] The array of custom attribute names to be saved
#
option :custom_access_token_fields,
option :custom_access_token_attributes,
default: []

# Use a custom class for generating the application secret.
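--- a/lib/doorkeeper/config/validations.rb
+++ b/lib/doorkeeper/config/validations.rb
@@ -48,6 +48,18 @@ def validate_token_reuse_limit
 )
 @token_reuse_limit = 100
 end
+
+def validate_custom_access_token_attributes
+# Validate that the access_token and access_grant models
+# both respond to all of the custom attributes
+Doorkeeper.config.custom_access_token_attributes.each do |attribute_name|
+[Doorkeeper.config.access_token_model, Doorkeeper.config.access_grant_model].each do |model|
+unless model.has_attribute?(attribute_name)
+raise NotImplementedError, "#{model} does not recognize custom attribute: #{attribute_name}."
+end
+end
+end
+end
 end
 end
 end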
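Review bot: `validate_custom_access_token_attributes` is defined here, but all 12 added lines of this section are the method itself and no other hunk on this page calls it, so as far as the commit shows the check never runs. That matters because the same commit deletes the per-request `has_attribute?` guards from code.rb and authorization_code_request.rb; a misconfigured attribute name would then presumably surface only when the grant or token is written. It should be invoked next to the existing validators, from whatever calls `validate_token_reuse_limit` (that caller is outside this hunk). Since `has_attribute?` inspects the model's schema, also confirm it can run at configuration time before the database is reachable, and consider raising a configuration error instead of `NotImplementedError`, which is a `ScriptError` and is not caught by a plain `rescue`.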
10 changes: 3 additions & 7 deletions lib/doorkeeper/oauth/authorization/code.rb
@@ -45,14 +45,10 @@ def access_grant_attributes
attributes[:resource_owner_id] = resource_owner.id
end

# Custom access token fields are saved into the access grant,
# Custom access token attributes are saved into the access grant,
# and then included in subsequently generated access tokens.
Doorkeeper.config.custom_access_token_fields.each do |field_name|
unless Doorkeeper.config.access_grant_model.has_attribute?(field_name)
raise NotImplementedError, "#{Doorkeeper.config.access_grant_model} does not recognize field: #{field_name}."
end

attributes[field_name] = @pre_auth.custom_access_token_fields[field_name]
Doorkeeper.config.custom_access_token_attributes.each do |attribute_name|
attributes[attribute_name] = @pre_auth.custom_access_token_attributes[attribute_name]
end

pkce_attributes.merge(attributes)
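Review bot: The loop writes `@pre_auth.custom_access_token_attributes[attribute_name]` into the grant with no check on the value, and pre_authorization.rb fills that hash directly from the request `parameters`, so each custom attribute stored on the grant, and later on the access token, is whatever the authorization request carried. The initializer comment presents `tenant_id` as something later requests are checked against, which only holds if the host application has already confirmed that the resource owner may use that value. The comment above the loop should say so, for example `# Values are taken from the authorization request unverified; the host app must authorize them for the resource owner before the grant is created.` An absent parameter is also stored as an explicit `nil`, which may override a column default. access_grant_attributes begins above this hunk.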
12 changes: 3 additions & 9 deletions lib/doorkeeper/oauth/authorization_code_request.rb
@@ -35,7 +35,7 @@ def before_successful_response
grant.application,
resource_owner,
grant.scopes,
custom_token_fields_with_data,
custom_token_attributes_with_data,
server,
)
end
@@ -101,14 +101,8 @@ def generate_code_challenge(code_verifier)
server_config.access_grant_model.generate_code_challenge(code_verifier)
end

private def custom_token_fields_with_data
Doorkeeper.config.custom_access_token_fields.each do |field_name|
unless Doorkeeper.config.access_token_model.has_attribute?(field_name)
raise NotImplementedError, "#{Doorkeeper.config.access_token_model} does not recognize field: #{field_name}."
end
end

grant.attributes.with_indifferent_access.slice(*Doorkeeper.config.custom_access_token_fields).symbolize_keys
private def custom_token_attributes_with_data
grant.attributes.with_indifferent_access.slice(*Doorkeeper.config.custom_access_token_attributes).symbolize_keys
end
end
end
6 changes: 3 additions & 3 deletions lib/doorkeeper/oauth/base_request.rb
@@ -26,20 +26,20 @@ def scopes
@scopes ||= build_scopes
end

def find_or_create_access_token(client, resource_owner, scopes, custom_fields, server)
def find_or_create_access_token(client, resource_owner, scopes, custom_attributes, server)
context = Authorization::Token.build_context(client, grant_type, scopes, resource_owner)
token_model = server_config.access_token_model
application = client.is_a?(server_config.application_model) ? client : client&.application

token_params = {
token_attributes = {
application: application,
resource_owner: resource_owner,
scopes: scopes,
expires_in: Authorization::Token.access_token_expires_in(server, context),
use_refresh_token: Authorization::Token.refresh_token_enabled?(server, context),
}

@access_token = token_model.find_or_create_for(token_params.merge(custom_fields))
@access_token = token_model.find_or_create_for(**token_attributes.merge(custom_attributes))
end

def before_successful_response
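Review bot: `token_attributes.merge(custom_attributes)` gives the custom hash precedence, so a configured attribute name that collides with `application`, `resource_owner`, `scopes`, `expires_in` or `use_refresh_token` would replace the value the server computed. Letting the core values win removes that possibility: `@access_token = token_model.find_or_create_for(**custom_attributes.merge(token_attributes))`. The stricter option is to reject reserved names in the configuration validator. The same kind of collision looks possible for `resource_owner_id` in access_grant_attributes in code.rb, where the custom loop runs after the core assignment.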
8 changes: 4 additions & 4 deletions lib/doorkeeper/oauth/pre_authorization.rb
@@ -18,7 +18,7 @@ class PreAuthorization

attr_reader :client, :code_challenge, :code_challenge_method, :missing_param,
:redirect_uri, :resource_owner, :response_type, :state,
:authorization_response_flow, :response_mode, :custom_access_token_fields
:authorization_response_flow, :response_mode, :custom_access_token_attributes

def initialize(server, parameters = {}, resource_owner = nil)
@server = server
@@ -32,9 +32,9 @@ def initialize(server, parameters = {}, resource_owner = nil)
@code_challenge_method = parameters[:code_challenge_method]
@resource_owner = resource_owner

@custom_access_token_fields = {}
Doorkeeper.config.custom_access_token_fields.each do |field|
@custom_access_token_fields[field] = parameters[field]
@custom_access_token_attributes = {}
Doorkeeper.config.custom_access_token_attributes.each do |field|
@custom_access_token_attributes[field] = parameters[field]
end
end

2 changes: 1 addition & 1 deletion lib/generators/doorkeeper/templates/initializer.rb
@@ -406,7 +406,7 @@
# tokens, you can check that the requested data belongs to the specified tenant.
#
# Default value is an empty Array: []
# custom_access_token_fields [:tenant_id]
# custom_access_token_attributes [:tenant_id]

# Hook into the strategies' request & response life-cycle in case your
# application needs advanced customization or logging:
8 changes: 4 additions & 4 deletions spec/lib/config_spec.rb
@@ -521,17 +521,17 @@ class ApplicationWithOwner < ActiveRecord::Base
end
end

describe "custom_access_token_fields" do
describe "custom_access_token_attributes" do
it "is '[]' by default" do
expect(Doorkeeper.configuration.custom_access_token_fields).to(eq([]))
expect(Doorkeeper.configuration.custom_access_token_attributes).to(eq([]))
end

it "can change the value" do
Doorkeeper.configure do
orm DOORKEEPER_ORM
custom_access_token_fields [:added_field_1, :added_field_2]
custom_access_token_attributes [:added_field_1, :added_field_2]
end
expect(config.custom_access_token_fields).to eq([:added_field_1, :added_field_2])
expect(config.custom_access_token_attributes).to eq([:added_field_1, :added_field_2])
end
end
