Commit ee5fc93

mo <mo.khan@gmail.com>
2018-09-18 21:54:40
User.authenticate_token -> Token.authenticate
1 parent 37bfba1
Changed files (5)
app/controllers/scim/controller.rb
@@ -16,7 +16,7 @@ module Scim
 
     def current_user
       @current_user ||= authenticate_with_http_token do |token|
-        User.authenticate_token(token)
+        Token.authenticate(token)
       end
     end
 
app/models/token.rb
@@ -61,5 +61,15 @@ class Token < ApplicationRecord
       end
       BearerToken.new.decode(token)
     end
+
+    def authenticate(jwt)
+      claims = claims_for(jwt, token_type: :access)
+      return if claims.empty?
+
+      token = Token.find_by!(uuid: claims[:jti])
+      return if token.refresh? || token.revoked?
+
+      token.subject
+    end
   end
 end
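Review bot: `Token.find_by!(uuid: claims[:jti])` in the new `authenticate` raises `ActiveRecord::RecordNotFound` when a validly signed JWT carries a `jti` with no matching row (for example a token record that was deleted), and the method has no rescue, so that path raises instead of returning `nil` like every other rejection. In the SCIM controller's `authenticate_with_http_token` block this would likely surface as a 404 or 500 rather than an authentication failure, unless a `rescue_from` outside this diff handles it. Consider `token = find_by(uuid: claims[:jti])` followed by `return if token.nil? || token.refresh? || token.revoked?`. The block that encloses `authenticate` opens outside the hunk.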
app/models/user.rb
@@ -44,16 +44,6 @@ class User < ApplicationRecord
     rescue ActiveRecord::RecordNotFound
       nil
     end
-
-    def authenticate_token(jwt)
-      claims = BearerToken.new.decode(jwt)
-      return if claims.empty?
-
-      token = Token.find_by!(uuid: claims[:jti])
-      return if token.refresh? || token.revoked?
-
-      token.subject
-    end
   end
 
   private
spec/models/token_spec.rb
@@ -37,4 +37,32 @@ RSpec.describe Token, type: :model do
     specify { expect(subject.claims_for(access_token, token_type: :access)).to be_present }
     specify { expect(subject.claims_for(refresh_token, token_type: :refresh)).to be_present }
   end
+
+  describe ".authenticate" do
+    subject { described_class }
+
+    context "when the access_token is active" do
+      let(:token) { create(:access_token) }
+
+      specify { expect(subject.authenticate(token.to_jwt)).to eql(token.subject) }
+    end
+
+    context "when the token is a refresh token" do
+      let(:token) { create(:refresh_token) }
+
+      specify { expect(subject.authenticate(token.to_jwt)).to be_nil }
+    end
+
+    context "when the access token has been revoked" do
+      let(:token) { create(:access_token, :revoked) }
+
+      specify { expect(subject.authenticate(token.to_jwt)).to be_nil }
+    end
+
+    context "when the access token is expired" do
+      let(:token) { create(:access_token, :expired) }
+
+      specify { expect(subject.authenticate(token.to_jwt)).to be_nil }
+    end
+  end
 end
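Review bot: All four contexts pass a JWT minted by `token.to_jwt`, so nothing pins what `authenticate` returns for input the server did not issue or no longer has a record of. Two negative cases are worth adding: a malformed or tampered string, e.g. `specify { expect(subject.authenticate("invalid")).to be_nil }`, and a JWT whose `Token` row is destroyed before the call. Whether `claims_for` returns empty claims for a bad signature is not visible in this diff, so the first case would also document that assumption.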
spec/models/user_spec.rb
@@ -1,31 +1,4 @@
 require 'rails_helper'
 
 RSpec.describe User do
-  describe ".authenticate_token" do
-    subject { described_class }
-
-    context "when the access_token is active" do
-      let(:token) { create(:access_token) }
-
-      specify { expect(subject.authenticate_token(token.to_jwt)).to eql(token.subject) }
-    end
-
-    context "when the token is a refresh token" do
-      let(:token) { create(:refresh_token) }
-
-      specify { expect(subject.authenticate_token(token.to_jwt)).to be_nil }
-    end
-
-    context "when the access token has been revoked" do
-      let(:token) { create(:access_token, :revoked) }
-
-      specify { expect(subject.authenticate_token(token.to_jwt)).to be_nil }
-    end
-
-    context "when the access token is expired" do
-      let(:token) { create(:access_token, :expired) }
-
-      specify { expect(subject.authenticate_token(token.to_jwt)).to be_nil }
-    end
-  end
 end