class HTTPX::Plugins::OAuth::OAuthSession

  1. lib/httpx/plugins/oauth.rb
Superclass: Object

Implements the bulk of the functionality and maintains the state associated with managing the lifecycle of an OAuth session.

Attributes

Public Class methods

new( issuer:, client_id:, client_secret:, access_token: nil, refresh_token: nil, scope: nil, audience: nil, token_endpoint: nil, grant_type: nil, token_endpoint_auth_method: nil )
   # File lib/httpx/plugins/oauth.rb
# Captures the OAuth client settings and any tokens the caller already holds,
# then rejects unsupported auth methods and grant types.
#
# issuer:: base URL of the authorization server; parsed with URI().
# client_id:, client_secret:: client credentials, stored as given.
# access_token:, refresh_token:: optional pre-existing tokens.
# scope:: a space-separated String (split into an Array) or an Array;
#         any other type leaves @scope nil.
# audience:: stored as given.
# token_endpoint:: optional explicit token URL; parsed with URI().
# grant_type:: defaults to "refresh_token" when a refresh token was passed,
#              otherwise "client_credentials".
# token_endpoint_auth_method:: optional; coerced with String().
#
# Raises Error when the auth method or the grant type is not supported.
#
# NOTE(review): issuer and token_endpoint are only parsed here; no scheme
# check is visible in this method. The client secret and refresh token are
# sent to the token endpoint by fetch_access_token, so confirm that callers
# pass https URLs.
def initialize(
  issuer:,
  client_id:,
  client_secret:,
  access_token: nil,
  refresh_token: nil,
  scope: nil,
  audience: nil,
  token_endpoint: nil,
  grant_type: nil,
  token_endpoint_auth_method: nil
)
  @issuer = URI(issuer)
  @client_id = client_id
  @client_secret = client_secret
  # Left undefined (not nil) when no explicit endpoint is given.
  @token_endpoint = URI(token_endpoint) if token_endpoint
  @scope = case scope
           when String then scope.split
           when Array then scope
           end
  @audience = audience
  @access_token = access_token
  @refresh_token = refresh_token
  # Left undefined (not nil) when no explicit auth method is given.
  @token_endpoint_auth_method = String(token_endpoint_auth_method) if token_endpoint_auth_method
  # A refresh token supplied up front selects the refresh grant by default.
  @grant_type = grant_type || (@refresh_token ? "refresh_token" : "client_credentials")

  if @token_endpoint_auth_method && !SUPPORTED_AUTH_METHODS.include?(@token_endpoint_auth_method)
    raise Error, "#{@token_endpoint_auth_method} is not a supported auth method"
  end

  raise Error, "#{@grant_type} is not a supported grant type" unless SUPPORTED_GRANT_TYPES.include?(@grant_type)
end

Public Instance methods

fetch_access_token(http)

When an access token is not available, it uses the http object to request new access and refresh tokens.

    # File lib/httpx/plugins/oauth.rb
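 # Returns the cached access token, or requests a new one from the token
 # endpoint using +http+ and caches the result.
 #
 # http:: session object used to build and send the token request; this method
 #        calls build_request, skip_auth_header and request on it.
 #
 # Returns the "access_token" value from the token response.
 # Raises Error when the refresh grant is selected without a refresh token,
 # and re-raises HTTPError when the token endpoint answers with an error status.
 def fetch_access_token(http)
   return access_token if access_token

   # NOTE(review): load is defined outside this listing; presumably it fetches
   # server metadata before the token request. Confirm against the class.
   load(http)

   # always prefer refresh token grant if a refresh token is available
   grant_type = @refresh_token ? "refresh_token" : @grant_type

   headers = {} # : Hash[String ,String]
   form_post = {
     # Send the grant actually in effect. The original posted @grant_type here,
     # so a session configured for "client_credentials" that held a refresh
     # token announced one grant while attaching the parameters of another.
     "grant_type" => grant_type,
     # NOTE(review): a nil @scope becomes "" here and survives #compact, so an
     # empty scope parameter is sent. Confirm that is intended.
     "scope" => Array(@scope).join(" "),
     "audience" => @audience,
   }.compact

   # auth: the client credentials go either in the form body or in a Basic
   # authorization header, never both.
   case token_endpoint_auth_method
   when "client_secret_post"
     form_post["client_id"] = @client_id
     form_post["client_secret"] = @client_secret
   when "client_secret_basic"
     headers["authorization"] = Authentication::Basic.new(@client_id, @client_secret).authenticate
   end

   case grant_type
   when "client_credentials"
     # do nothing
   when "refresh_token"
     raise Error, "cannot use the `\"refresh_token\"` grant type without a refresh token" unless refresh_token

     form_post["refresh_token"] = refresh_token
   end

   # POST /token
   token_request = http.build_request("POST", token_endpoint, headers: headers, form: form_post)

   # Drop any authorization header the request picked up unless Basic client
   # authentication was selected above.
   token_request.headers.delete("authorization") unless token_endpoint_auth_method == "client_secret_basic"

   # NOTE(review): skip_auth_header presumably keeps the session from attaching
   # its own authorization header to the token request. Confirm.
   token_response = http.skip_auth_header { http.request(token_request) }

   begin
     token_response.raise_for_status
   rescue HTTPError => e
     # A 401 on a refresh grant means the refresh token is no longer accepted;
     # forget it so the next attempt falls back to the configured grant.
     @refresh_token = nil if e.response.status == 401 && (grant_type == "refresh_token")
     raise e
   end

   payload = token_response.json

   # Keep the current refresh token when the server does not issue a new one.
   @refresh_token = payload["refresh_token"] || @refresh_token
   # NOTE(review): a response without "access_token" caches and returns nil.
   @access_token = payload["access_token"]
 end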
merge(other)

TODO: remove this after deprecating the `:oauth_session` option

    # File lib/httpx/plugins/oauth.rb
# Returns a copy of this session overlaid with values taken from +other+;
# the receiver itself is left untouched.
#
# other:: an OAuthSession, whose truthy instance variables are copied over,
#         or a Hash, whose entries are applied only when the copy already has
#         an instance variable of that name. Any other type yields a plain copy.
#
# NOTE(review): both branches write instance variables directly, so values
# merged here do not go through the coercion and the auth-method/grant-type
# checks that initialize performs. Confirm callers only pass trusted,
# already-validated options.
def merge(other)
  merged = dup

  case other
  when OAuthSession
    other.instance_variables.each do |name|
      value = other.instance_variable_get(name)
      # nil and false never overwrite what the copy already holds
      merged.instance_variable_set(name, value) if value
    end
  when Hash
    other.each do |key, value|
      ivar = :"@#{key}"
      # unknown keys are ignored rather than creating new state
      next unless merged.instance_variable_defined?(ivar)

      merged.instance_variable_set(ivar, value)
    end
  end

  merged
end
reset!()
   # File lib/httpx/plugins/oauth.rb
# Forgets the cached access token. Only @access_token is cleared; the
# refresh token and every other setting stay as they are.
def reset!
  @access_token = nil
end
token_endpoint()

Returns the URL from which to request access and refresh tokens.

   # File lib/httpx/plugins/oauth.rb
# Returns the token URL: the explicitly configured endpoint when one is set,
# otherwise the issuer with "/token" appended.
#
# The fallback is built by string interpolation, so it is a String, and an
# issuer that already ends in "/" yields a double slash.
def token_endpoint
  return @token_endpoint if @token_endpoint

  "#{@issuer}/token"
end
token_endpoint_auth_method()

returns the oauth-documented authorization method to use when requesting a token.

   # File lib/httpx/plugins/oauth.rb
# Returns the configured token endpoint auth method, falling back to
# "client_secret_basic" when none is set.
def token_endpoint_auth_method
  return @token_endpoint_auth_method if @token_endpoint_auth_method

  "client_secret_basic"
end