Class: Clerk::Proxy

Inherits:
Object
  • Object
show all
Defined in:
lib/clerk/proxy.rb

Constant Summary collapse

CACHE_TTL =

seconds

60

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(session_claims: nil, session_token: nil) ⇒ Proxy

Returns a new instance of Proxy.



11
12
13
14
# File 'lib/clerk/proxy.rb', line 11

def initialize(session_claims: nil, session_token: nil)
  @session_claims = session_claims
  @session_token = session_token
end

Instance Attribute Details

#session_claimsObject (readonly)

Returns the value of attribute session_claims.



9
10
11
# File 'lib/clerk/proxy.rb', line 9

def session_claims
  @session_claims
end

#session_tokenObject (readonly)

Returns the value of attribute session_token.



9
10
11
# File 'lib/clerk/proxy.rb', line 9

def session_token
  @session_token
end

Instance Method Details

#organizationObject



36
37
38
39
40
# File 'lib/clerk/proxy.rb', line 36

def organization
  return nil unless organization?

  @org ||= fetch_org(organization_id)
end

#organization?Boolean

Returns:

  • (Boolean)


32
33
34
# File 'lib/clerk/proxy.rb', line 32

def organization?
  !organization_id.nil?
end

#organization_idObject



42
43
44
45
46
# File 'lib/clerk/proxy.rb', line 42

def organization_id
  return nil unless user?

  @session_claims["org_id"]
end

#organization_permissionsObject



54
55
56
57
58
# File 'lib/clerk/proxy.rb', line 54

def organization_permissions
  return nil if @session_claims.nil?

  @session_claims["org_permissions"]
end

#organization_roleObject



48
49
50
51
52
# File 'lib/clerk/proxy.rb', line 48

def organization_role
  return nil if @session_claims.nil?

  @session_claims["org_role"]
end

#userObject



20
21
22
23
24
# File 'lib/clerk/proxy.rb', line 20

def user
  return nil unless user?

  @user ||= fetch_user(user_id)
end

#user?Boolean

Returns:

  • (Boolean)


16
17
18
# File 'lib/clerk/proxy.rb', line 16

def user?
  !@session_claims.nil?
end

#user_idObject



26
27
28
29
30
# File 'lib/clerk/proxy.rb', line 26

def user_id
  return nil unless user?

  @session_claims["sub"]
end

#user_needs_reverification?(preset = StepUp::Preset::STRICT) ⇒ Boolean

Returns:

  • (Boolean)


88
89
90
# File 'lib/clerk/proxy.rb', line 88

def user_needs_reverification?(preset = StepUp::Preset::STRICT)
  !user_reverified?(preset)
end

#user_require_reverification!(preset = StepUp::Preset::STRICT) {|preset| ... } ⇒ Object

Yields:

  • (preset)


92
93
94
95
# File 'lib/clerk/proxy.rb', line 92

def user_require_reverification!(preset = StepUp::Preset::STRICT, &block)
  return unless user_needs_reverification?(preset)
  yield(preset) if block_given?
end

#user_reverification_rack_response(config = nil) ⇒ Object

Raises:

  • (ArgumentError)


97
98
99
100
101
102
103
104
105
# File 'lib/clerk/proxy.rb', line 97

def user_reverification_rack_response(config = nil)
  raise ArgumentError, "Missing config, please pass a preset a la `Clerk::StepUp::Preset::*`" if config.nil?

  [
    403,
    {Clerk::CONTENT_TYPE_HEADER => "application/json"},
    [StepUp::Reverification.error_payload(config).to_json]
  ]
end

#user_reverified?(params) ⇒ Boolean

Returns true if the session needs to perform step up verification

Returns:

  • (Boolean)


61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# File 'lib/clerk/proxy.rb', line 61

def user_reverified?(params)
  return false unless user?

  fva = session_claims["fva"]

  # the feature is disabled
  return true if fva.nil?

  level = params[:level]
  after_minutes = params[:after_minutes].to_i

  return false if after_minutes.nil? || level.nil?

  factor1_age, factor2_age = fva
  is_valid_factor1 = factor1_age != -1 && after_minutes > factor1_age
  is_valid_factor2 = factor2_age != -1 && after_minutes > factor2_age

  case level
  when :first_factor
    is_valid_factor1
  when :second_factor
    (factor2_age == -1) ? is_valid_factor1 : is_valid_factor2
  when :multi_factor
    (factor2_age == -1) ? is_valid_factor1 : is_valid_factor1 && is_valid_factor2
  end
end