class Doorkeeper::SecretStoring::Base

Base class for secret storing, including common helpers
#

def self.allows_restoring_secrets?

trying to use a non-restorable strategy with +reuse_access_tokens+.
secrets from the database. This allows detecting users
Determines whether this strategy supports restoring
# 
def self.allows_restoring_secrets?
  false
end

def self.restore_secret(_resource, _attribute)

Parameters:
  • attribute () -- The secret attribute to restore
  • resource () -- The resource instance to act on 
def self.restore_secret(_resource, _attribute)
  raise NotImplementedError
end

def self.secret_matches?(input, stored)

processed by +transform_secret+.
Securely compare the given +input+ value with a +stored+ value
# 
def self.secret_matches?(input, stored)
  transformed_input = transform_secret(input)
  ActiveSupport::SecurityUtils.secure_compare transformed_input, stored
end

def self.store_secret(resource, attribute, plain_secret)

Parameters:
  • plain_secret () -- The plain secret input / generated
  • attribute () -- The secret attribute
  • resource () -- The model instance being modified 
def self.store_secret(resource, attribute, plain_secret)
  transformed_value = transform_secret(plain_secret)
  resource.public_send(:"#{attribute}=", transformed_value)
  transformed_value
end

def self.transform_secret(_plain_secret)

Parameters:
  • plain_secret () -- The plain secret input / generated 
def self.transform_secret(_plain_secret)
  raise NotImplementedError
end

def self.validate_for(model)

Determines what secrets this strategy is applicable for
# 
def self.validate_for(model)
  valid = %i[token application]
  return true if valid.include?(model.to_sym)
  raise ArgumentError, "'#{name}' can not be used for #{model}."
end