2016-12-05 12:25:53 -05:00
|
|
|
AccessTokenValidationService = Struct.new(:token) do
|
2016-11-22 04:04:23 -05:00
|
|
|
# Results:
|
|
|
|
VALID = :valid
|
|
|
|
EXPIRED = :expired
|
|
|
|
REVOKED = :revoked
|
|
|
|
INSUFFICIENT_SCOPE = :insufficient_scope
|
|
|
|
|
2016-12-05 12:25:53 -05:00
|
|
|
def validate(scopes: [])
|
|
|
|
if token.expired?
|
|
|
|
return EXPIRED
|
2016-11-22 04:04:23 -05:00
|
|
|
|
2016-12-05 12:25:53 -05:00
|
|
|
elsif token.revoked?
|
|
|
|
return REVOKED
|
2016-11-22 04:04:23 -05:00
|
|
|
|
2016-12-05 12:25:53 -05:00
|
|
|
elsif !self.include_any_scope?(scopes)
|
|
|
|
return INSUFFICIENT_SCOPE
|
2016-11-22 04:04:23 -05:00
|
|
|
|
2016-12-05 12:25:53 -05:00
|
|
|
else
|
|
|
|
return VALID
|
2016-11-22 04:04:23 -05:00
|
|
|
end
|
2016-12-05 12:25:53 -05:00
|
|
|
end
|
2016-11-22 04:04:23 -05:00
|
|
|
|
2016-12-05 12:25:53 -05:00
|
|
|
# True if the token's scope contains any of the passed scopes.
|
|
|
|
def include_any_scope?(scopes)
|
|
|
|
if scopes.blank?
|
|
|
|
true
|
|
|
|
else
|
|
|
|
# Check whether the token is allowed access to any of the required scopes.
|
|
|
|
Set.new(scopes).intersection(Set.new(token.scopes)).present?
|
2016-11-22 04:04:23 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|