gitlab-org--gitlab-foss/app/services/oauth2/access_token_validation_ser...

module Oauth2::AccessTokenValidationService
  # Results:
  VALID = :valid
  EXPIRED = :expired
  REVOKED = :revoked
  INSUFFICIENT_SCOPE = :insufficient_scope

  class << self
    def validate(token, scopes: [])
      if token.expired?
        return EXPIRED

      elsif token.revoked?
        return REVOKED

      elsif !self.sufficient_scope?(token, scopes)
        return INSUFFICIENT_SCOPE

      else
        return VALID
      end
    end

    protected
    # True if the token's scope is a superset of required scopes,
    # or the required scopes is empty.
    def sufficient_scope?(token, scopes)
      if scopes.blank?
        # if no any scopes required, the scopes of token is sufficient.
        return true
      else
        # If there are scopes required, then check whether
        # the set of authorized scopes is a superset of the set of required scopes
        required_scopes = Set.new(scopes)
        authorized_scopes = Set.new(token.scopes)

        return authorized_scopes >= required_scopes
      end
    end
  end
end
Doorkeeper integration 2014-12-19 14:15:29 +00:00			`module Oauth2::AccessTokenValidationService`
			`# Results:`
			`VALID = :valid`
			`EXPIRED = :expired`
			`REVOKED = :revoked`
			`INSUFFICIENT_SCOPE = :insufficient_scope`

			`class << self`
			`def validate(token, scopes: [])`
			`if token.expired?`
			`return EXPIRED`

			`elsif token.revoked?`
			`return REVOKED`

Fix various typos signe-in -> signed-in go_to_gihub_for_permissions -> go_to_github_for_permissions descendand -> descendant behavour -> behaviour recepient_email -> recipient_email generate_fingerpint -> generate_fingerprint dependes -> depends Cant't -> Can't wisit -> visit notifcation -> notification sufficent_scope -> sufficient_scope? levet -> level 2015-01-18 15:29:37 +00:00			`elsif !self.sufficient_scope?(token, scopes)`
Doorkeeper integration 2014-12-19 14:15:29 +00:00			`return INSUFFICIENT_SCOPE`

			`else`
			`return VALID`
			`end`
			`end`

			`protected`
			`# True if the token's scope is a superset of required scopes,`
			`# or the required scopes is empty.`
Fix various typos signe-in -> signed-in go_to_gihub_for_permissions -> go_to_github_for_permissions descendand -> descendant behavour -> behaviour recepient_email -> recipient_email generate_fingerpint -> generate_fingerprint dependes -> depends Cant't -> Can't wisit -> visit notifcation -> notification sufficent_scope -> sufficient_scope? levet -> level 2015-01-18 15:29:37 +00:00			`def sufficient_scope?(token, scopes)`
Doorkeeper integration 2014-12-19 14:15:29 +00:00			`if scopes.blank?`
			`# if no any scopes required, the scopes of token is sufficient.`
			`return true`
			`else`
			`# If there are scopes required, then check whether`
			`# the set of authorized scopes is a superset of the set of required scopes`
			`required_scopes = Set.new(scopes)`
			`authorized_scopes = Set.new(token.scopes)`

			`return authorized_scopes >= required_scopes`
			`end`
			`end`
			`end`
Rubocop: no trailing newlines 2015-02-03 05:53:27 +00:00			`end`