7b80a7408d
Squashed commits: [d5001fe] Refactor [8d8a23f] Add test for when authorization is denied [659fc56] Adjust password flow integration test
32 lines
922 B
Ruby
32 lines
922 B
Ruby
class OpenidConnect::Authorization < ActiveRecord::Base
|
|
belongs_to :user
|
|
belongs_to :o_auth_application
|
|
|
|
validates :user, presence: true
|
|
validates :o_auth_application, presence: true
|
|
validates :user, uniqueness: {scope: :o_auth_application}
|
|
|
|
has_many :scopes, through: :authorization_scopes
|
|
has_many :o_auth_access_tokens, dependent: :destroy
|
|
has_many :id_tokens, dependent: :destroy
|
|
|
|
def generate_refresh_token
|
|
self.refresh_token = SecureRandom.hex(32)
|
|
end
|
|
|
|
def create_access_token
|
|
o_auth_access_tokens.create!.bearer_token
|
|
# TODO: Add support for request object
|
|
end
|
|
|
|
def create_id_token(nonce)
|
|
id_tokens.create!(nonce: nonce)
|
|
end
|
|
|
|
def self.find_by_client_id_and_user(client_id, user)
|
|
app = OpenidConnect::OAuthApplication.find_by(client_id: client_id)
|
|
find_by(o_auth_application: app, user: user)
|
|
end
|
|
|
|
# TODO: Consider splitting into subclasses by flow type
|
|
end
|