Class: Clerk::Proxy
- Inherits:
-
Object
- Object
- Clerk::Proxy
- Defined in:
- lib/clerk/proxy.rb
Constant Summary collapse
- CACHE_TTL =
seconds
60
Instance Attribute Summary collapse
-
#session_claims ⇒ Object
readonly
Returns the value of attribute session_claims.
-
#session_token ⇒ Object
readonly
Returns the value of attribute session_token.
Instance Method Summary collapse
-
#initialize(session_claims: nil, session_token: nil) ⇒ Proxy
constructor
A new instance of Proxy.
- #organization ⇒ Object
- #organization? ⇒ Boolean
- #organization_id ⇒ Object
- #organization_permissions ⇒ Object
- #organization_role ⇒ Object
- #user ⇒ Object
- #user? ⇒ Boolean
- #user_id ⇒ Object
- #user_needs_reverification?(preset = StepUp::Preset::STRICT) ⇒ Boolean
- #user_require_reverification!(preset = StepUp::Preset::STRICT) {|preset| ... } ⇒ Object
- #user_reverification_rack_response(config = nil) ⇒ Object
-
#user_reverified?(params) ⇒ Boolean
Returns true if the session needs to perform step up verification.
Constructor Details
#initialize(session_claims: nil, session_token: nil) ⇒ Proxy
Returns a new instance of Proxy.
11 12 13 14 |
# File 'lib/clerk/proxy.rb', line 11 def initialize(session_claims: nil, session_token: nil) @session_claims = session_claims @session_token = session_token end |
Instance Attribute Details
#session_claims ⇒ Object (readonly)
Returns the value of attribute session_claims.
9 10 11 |
# File 'lib/clerk/proxy.rb', line 9 def session_claims @session_claims end |
#session_token ⇒ Object (readonly)
Returns the value of attribute session_token.
9 10 11 |
# File 'lib/clerk/proxy.rb', line 9 def session_token @session_token end |
Instance Method Details
#organization ⇒ Object
36 37 38 39 40 |
# File 'lib/clerk/proxy.rb', line 36 def organization return nil unless organization? @org ||= fetch_org(organization_id) end |
#organization? ⇒ Boolean
32 33 34 |
# File 'lib/clerk/proxy.rb', line 32 def organization? !organization_id.nil? end |
#organization_id ⇒ Object
42 43 44 45 46 |
# File 'lib/clerk/proxy.rb', line 42 def organization_id return nil unless user? @session_claims["org_id"] end |
#organization_permissions ⇒ Object
54 55 56 57 58 |
# File 'lib/clerk/proxy.rb', line 54 def return nil if @session_claims.nil? @session_claims["org_permissions"] end |
#organization_role ⇒ Object
48 49 50 51 52 |
# File 'lib/clerk/proxy.rb', line 48 def organization_role return nil if @session_claims.nil? @session_claims["org_role"] end |
#user ⇒ Object
20 21 22 23 24 |
# File 'lib/clerk/proxy.rb', line 20 def user return nil unless user? @user ||= fetch_user(user_id) end |
#user? ⇒ Boolean
16 17 18 |
# File 'lib/clerk/proxy.rb', line 16 def user? !@session_claims.nil? end |
#user_id ⇒ Object
26 27 28 29 30 |
# File 'lib/clerk/proxy.rb', line 26 def user_id return nil unless user? @session_claims["sub"] end |
#user_needs_reverification?(preset = StepUp::Preset::STRICT) ⇒ Boolean
88 89 90 |
# File 'lib/clerk/proxy.rb', line 88 def user_needs_reverification?(preset = StepUp::Preset::STRICT) !user_reverified?(preset) end |
#user_require_reverification!(preset = StepUp::Preset::STRICT) {|preset| ... } ⇒ Object
92 93 94 95 |
# File 'lib/clerk/proxy.rb', line 92 def user_require_reverification!(preset = StepUp::Preset::STRICT, &block) return unless user_needs_reverification?(preset) yield(preset) if block_given? end |
#user_reverification_rack_response(config = nil) ⇒ Object
97 98 99 100 101 102 103 104 105 |
# File 'lib/clerk/proxy.rb', line 97 def user_reverification_rack_response(config = nil) raise ArgumentError, "Missing config, please pass a preset a la `Clerk::StepUp::Preset::*`" if config.nil? [ 403, {Clerk::CONTENT_TYPE_HEADER => "application/json"}, [StepUp::Reverification.error_payload(config).to_json] ] end |
#user_reverified?(params) ⇒ Boolean
Returns true if the session needs to perform step up verification
61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
# File 'lib/clerk/proxy.rb', line 61 def user_reverified?(params) return false unless user? fva = session_claims["fva"] # the feature is disabled return true if fva.nil? level = params[:level] after_minutes = params[:after_minutes].to_i return false if after_minutes.nil? || level.nil? factor1_age, factor2_age = fva is_valid_factor1 = factor1_age != -1 && after_minutes > factor1_age is_valid_factor2 = factor2_age != -1 && after_minutes > factor2_age case level when :first_factor is_valid_factor1 when :second_factor (factor2_age == -1) ? is_valid_factor1 : is_valid_factor2 when :multi_factor (factor2_age == -1) ? is_valid_factor1 : is_valid_factor1 && is_valid_factor2 end end |