Commit a32f807
Changed files (4)
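--- a/app/controllers/scim/controller.rb
+++ b/app/controllers/scim/controller.rb
@@ -35,7 +35,7 @@ module Scim
 private
 def authenticate!
-Current.user = authenticate_with_http_token do |token|
+Current.token = authenticate_with_http_token do |token|
 Token.authenticate(token)
 end
 render plain: "Unauthorized", status: :unauthorized unless Current.user?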
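Review bot: The guard on the last line still tests `Current.user?` although `authenticate!` now assigns only `Current.token`, so the 401 decision depends on the `token=` override in `Current` copying the token's subject into `user`. A one-line comment above the assignment would keep that coupling visible at the call site, for example `# Current.token= also sets Current.user to the token's subject (nil clears it)`. The enclosing module and the rest of the controller are outside the hunk.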
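--- a/app/models/current.rb
+++ b/app/models/current.rb
@@ -1,10 +1,15 @@
 # frozen_string_literal: true
 class Current < ActiveSupport::CurrentAttributes
-attribute :user
+attribute :user, :token
 attribute :request_id, :user_agent, :ip_address
 def user?
 user.present?
 end
+
+def token=(token)
+super
+self.user = token&.subject
+end
 end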
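Review bot: The `token=` override keeps `user` in step with `token` in one direction only. `user` is still a separately assignable attribute, so a direct `Current.user = ...` elsewhere would leave `token` nil or stale. Code that later reads `Current.token` for authorization decisions should treat a nil token as "not token-authenticated" rather than assume it matches `user`. A comment on the override would record the contract, e.g. `# Assigning a token also sets user to its subject; assigning nil clears both.`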
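--- a/app/models/token.rb
+++ b/app/models/token.rb
@@ -69,7 +69,7 @@ class Token < ApplicationRecord
 token = Token.find_by!(uuid: claims[:jti])
 return if token.refresh? || token.revoked?
-token.subject
+token
 end
 end
 end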
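Review bot: `Token.authenticate` now returns the `Token` record instead of its subject, and the SCIM controller is the only caller updated on this page. Any other caller that still treats the return value as a user would receive a truthy `Token` and could pass a presence check with the wrong kind of object, so it is worth searching for remaining callers before merging. The method would also benefit from a doc comment stating the new contract, e.g. `# @return [Token, nil] the token, or nil when it is a refresh token or revoked`. The method starts outside the hunk, so how the signature and expiry are verified is not visible here.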
spec/models/token_spec.rb
@@ -44,7 +44,7 @@ RSpec.describe Token, type: :model do
context "when the access_token is active" do
let(:token) { create(:access_token) }
- specify { expect(subject.authenticate(token.to_jwt)).to eql(token.subject) }
+ specify { expect(subject.authenticate(token.to_jwt)).to eql(token) }
end
context "when the token is a refresh token" do