diff --git a/app/models/oauth_token.rb b/app/models/oauth_token.rb index eef1853..b655036 100644 --- a/app/models/oauth_token.rb +++ b/app/models/oauth_token.rb @@ -33,7 +33,8 @@ class OAuthToken < ApplicationRecord include PublicActivity::Model tracked owner: proc { |controller, record| record.resource_owner }, recipient: proc { |controller, record| record.resource_owner }, only: [ :create, :revoke ] - PREFIX = "idntk." + ACCESS_TOKEN_PREFIX = "idntk." + REFRESH_TOKEN_PREFIX = "idnrf." SIZE = 32 scope :not_expired, -> { where(expires_in: nil).or(where("(oauth_access_tokens.created_at + make_interval(secs => expires_in)) >= ?", Time.now)) } @@ -49,15 +50,24 @@ class OAuthToken < ApplicationRecord belongs_to :resource_owner, class_name: "Identity" def generate_token - self.token = self.class.generate + @raw_token = self.class.generate_access_token + secret_strategy.store_secret(self, :token, @raw_token) + end + + def generate_refresh_token + @raw_refresh_token = self.class.generate_refresh_token + Doorkeeper.config.token_secret_strategy.store_secret(self, :refresh_token, @raw_refresh_token) end def active? !revoked_at? && (expires_in.nil? || expires_in > 0) end - def self.generate(options = {}) - token_size = options.delete(:size) || SIZE - PREFIX + SecureRandom.urlsafe_base64(token_size) + def self.generate_access_token(size: SIZE) + ACCESS_TOKEN_PREFIX + SecureRandom.urlsafe_base64(size) + end + + def self.generate_refresh_token(size: SIZE) + REFRESH_TOKEN_PREFIX + SecureRandom.urlsafe_base64(size) end end diff --git a/spec/factories/oauth_tokens.rb b/spec/factories/oauth_tokens.rb index 2b1e2c3..bb1334d 100644 --- a/spec/factories/oauth_tokens.rb +++ b/spec/factories/oauth_tokens.rb @@ -2,7 +2,7 @@ FactoryBot.define do factory :oauth_token do association :resource_owner, factory: :identity association :application, factory: :program - token { OAuthToken.generate } + token { OAuthToken.generate_access_token } scopes { "basic_info" } expires_in { nil } revoked_at { nil }