1fd28ded8c2359e2a760df205edae8662f3b7487-PR-13

Committed 28 Jan 2024 10:25AM UTC coverage: 92.059% (-4.4%) from 96.441%

Build # 1fd28ded8c2359e2a760df205edae8662f3b7487-PR-13

Build Type

Pull #13

github

Committed by

pknoth

Commit Message

ebsi in time issuance flow compliance

Pull Request Pull Request #13: OpenID for Verifiable Credential Issuance - draft 11 implementation

Run Details

204 of 261 new or added lines in 30 files covered. (78.16%)

20 existing lines in 10 files now uncovered.

997 of 1083 relevant lines covered (92.06%)

48.73 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

94.29

/lib/boruta/adapters/ecto/access_tokens.ex

defmodule Boruta.Ecto.AccessTokens do
  @moduledoc false
  @behaviour Boruta.Oauth.AccessTokens

  import Boruta.Config, only: [repo: 0]
  import Boruta.Ecto.OauthMapper, only: [to_oauth_schema: 1]
  import Ecto.Query, only: [from: 2]

  alias Boruta.Ecto.Errors
  alias Boruta.Ecto.Token
  alias Boruta.Ecto.TokenStore
  alias Boruta.Oauth
  alias Boruta.Oauth.Client

  @impl Boruta.Oauth.AccessTokens
  def get_by(attrs) do
    case get_by(:from_cache, attrs) do
      {:ok, token} -> token
      {:error, _reason} -> get_by(:from_database, attrs)
    end
  end

  defp get_by(:from_cache, attrs), do: TokenStore.get(attrs)

  defp get_by(:from_database, value: value) do
    with %Token{} = token <-
           repo().one(
             from t in Token,
               left_join: c in assoc(t, :client),
               where: t.type == "access_token" and t.value == ^value
           ),
         {:ok, token} <- token |> to_oauth_schema() |> TokenStore.put() do
      token
    end
  end

  defp get_by(:from_database, refresh_token: refresh_token) do
    with %Token{} = token <-
           repo().one(
             from t in Token,
               left_join: c in assoc(t, :client),
               where: t.type == "access_token" and t.refresh_token == ^refresh_token
           ),
         {:ok, token} <- token |> to_oauth_schema() |> TokenStore.put() do
      token
    end
  end

  @impl Boruta.Oauth.AccessTokens
  def create(
        %{client: %Client{id: client_id, access_token_ttl: access_token_ttl}, scope: scope} =
          params,
        options
      ) do
    sub = params[:sub]
    state = params[:state]
    redirect_uri = params[:redirect_uri]
    previous_token = params[:previous_token]
    previous_code = params[:previous_code]
    resource_owner = params[:resource_owner]
    authorization_details = params[:authorization_details]

    token_attributes = %{
      client_id: client_id,
      sub: sub,
      redirect_uri: redirect_uri,
      state: state,
      scope: scope,
      access_token_ttl: access_token_ttl,
      previous_token: previous_token,
      previous_code: previous_code,
      authorization_details: authorization_details
    }

    changeset =
      apply(
        Token,
        changeset_method(options),
        [%Token{resource_owner: resource_owner}, token_attributes]
      )

    with {:ok, token} <- repo().insert(changeset),
         {:ok, token} <- token |> to_oauth_schema() |> TokenStore.put() do
      {:ok, token}
    else
      {:error, %Ecto.Changeset{} = changeset} ->
        error_message = Errors.message_from_changeset(changeset)

        {:error, "Could not create access token : #{error_message}"}
    end
  end

  defp changeset_method(refresh_token: true), do: :changeset_with_refresh_token
  defp changeset_method(_options), do: :changeset

  @impl Boruta.Oauth.AccessTokens
  def revoke(%Oauth.Token{client: client, value: value}) do
    with %Token{} = token <- repo().get_by(Token, client_id: client.id, value: value),
         {:ok, token} <-
           token
           |> Token.revoke_changeset()
           |> repo().update() do
      TokenStore.invalidate(to_oauth_schema(token))
    else
      nil -> {:error, "Token not found."}
      error -> error
    end
  end

  @impl Boruta.Oauth.AccessTokens
  def revoke_refresh_token(%Oauth.Token{client: client, value: value}) do
    with %Token{} = token <- repo().get_by(Token, client_id: client.id, value: value),
         {:ok, token} <-
           token
           |> Token.revoke_refresh_token_changeset()
           |> repo().update() do
      TokenStore.invalidate(to_oauth_schema(token))
    else
      nil -> {:error, "Token not found."}
      error -> error
    end
  end
end

1	defmodule Boruta.Ecto.AccessTokens do
2	@moduledoc false
3	@behaviour Boruta.Oauth.AccessTokens
4
5	import Boruta.Config, only: [repo: 0]
6	import Boruta.Ecto.OauthMapper, only: [to_oauth_schema: 1]
7	import Ecto.Query, only: [from: 2]
8
9	alias Boruta.Ecto.Errors
10	alias Boruta.Ecto.Token
11	alias Boruta.Ecto.TokenStore
12	alias Boruta.Oauth
13	alias Boruta.Oauth.Client
14
15	@impl Boruta.Oauth.AccessTokens
16	def get_by(attrs) do
17	case get_by(:from_cache, attrs) do	40✔
18	{:ok, token} -> token	1✔
19	{:error, _reason} -> get_by(:from_database, attrs)	39✔
20	end
21	end
22
23	defp get_by(:from_cache, attrs), do: TokenStore.get(attrs)	40✔
24
25	defp get_by(:from_database, value: value) do
26	with %Token{} = token <-	23✔
27	repo().one(
28	from t in Token,	23✔
29	left_join: c in assoc(t, :client),
30	where: t.type == "access_token" and t.value == ^value
31	),
32	{:ok, token} <- token \|> to_oauth_schema() \|> TokenStore.put() do	18✔
33	token	18✔
34	end
35	end
36
37	defp get_by(:from_database, refresh_token: refresh_token) do
38	with %Token{} = token <-	16✔
39	repo().one(
40	from t in Token,	16✔
41	left_join: c in assoc(t, :client),
42	where: t.type == "access_token" and t.refresh_token == ^refresh_token
43	),
44	{:ok, token} <- token \|> to_oauth_schema() \|> TokenStore.put() do	14✔
45	token	14✔
46	end
47	end
48
49	@impl Boruta.Oauth.AccessTokens
50	def create(
51	%{client: %Client{id: client_id, access_token_ttl: access_token_ttl}, scope: scope} =
52	params,
53	options
54	) do
55	sub = params[:sub]	47✔
56	state = params[:state]	47✔
57	redirect_uri = params[:redirect_uri]	47✔
58	previous_token = params[:previous_token]	47✔
59	previous_code = params[:previous_code]	47✔
60	resource_owner = params[:resource_owner]	47✔
61	authorization_details = params[:authorization_details]	47✔
62
63	token_attributes = %{	47✔
64	client_id: client_id,
65	sub: sub,
66	redirect_uri: redirect_uri,
67	state: state,
68	scope: scope,
69	access_token_ttl: access_token_ttl,
70	previous_token: previous_token,
71	previous_code: previous_code,
72	authorization_details: authorization_details
73	}
74
75	changeset =	47✔
76	apply(
77	Token,
78	changeset_method(options),
79	[%Token{resource_owner: resource_owner}, token_attributes]
80	)
81
82	with {:ok, token} <- repo().insert(changeset),	47✔
83	{:ok, token} <- token \|> to_oauth_schema() \|> TokenStore.put() do	46✔
84	{:ok, token}
85	else
86	{:error, %Ecto.Changeset{} = changeset} ->
87	error_message = Errors.message_from_changeset(changeset)	1✔
88
89	{:error, "Could not create access token : #{error_message}"}	1✔
90	end
91	end
92
93	defp changeset_method(refresh_token: true), do: :changeset_with_refresh_token	27✔
94	defp changeset_method(_options), do: :changeset	20✔
95
96	@impl Boruta.Oauth.AccessTokens
97	def revoke(%Oauth.Token{client: client, value: value}) do
98	with %Token{} = token <- repo().get_by(Token, client_id: client.id, value: value),	5✔
99	{:ok, token} <-	5✔
100	token
101	\|> Token.revoke_changeset()
102	\|> repo().update() do
103	TokenStore.invalidate(to_oauth_schema(token))	5✔
104	else
105	nil -> {:error, "Token not found."}
UNCOV 106	error -> error	×
107	end
108	end
109
110	@impl Boruta.Oauth.AccessTokens
111	def revoke_refresh_token(%Oauth.Token{client: client, value: value}) do
112	with %Token{} = token <- repo().get_by(Token, client_id: client.id, value: value),	8✔
113	{:ok, token} <-	8✔
114	token
115	\|> Token.revoke_refresh_token_changeset()
116	\|> repo().update() do
117	TokenStore.invalidate(to_oauth_schema(token))	8✔
118	else
119	nil -> {:error, "Token not found."}
UNCOV 120	error -> error	×
121	end
122	end
123	end

malach-it / boruta_auth / 1fd28ded8c2359e2a760df205edae8662f3b7487-PR-13

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous