extract class ApiEntrepriseToken
and check if token is expired
This commit is contained in:
parent
132cfcb6c3
commit
f587e6600a
4 changed files with 58 additions and 8 deletions
25
app/models/api_entreprise_token.rb
Normal file
25
app/models/api_entreprise_token.rb
Normal file
|
@ -0,0 +1,25 @@
|
|||
class ApiEntrepriseToken
|
||||
attr_reader :token
|
||||
|
||||
def initialize(token)
|
||||
@token = token
|
||||
end
|
||||
|
||||
def roles
|
||||
decoded_token["roles"] if token.present?
|
||||
end
|
||||
|
||||
def expired?
|
||||
Time.zone.now.to_i >= decoded_token["exp"] if token.present?
|
||||
end
|
||||
|
||||
def role?(role)
|
||||
roles.include?(role)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def decoded_token
|
||||
JWT.decode(token, nil, false)[0]
|
||||
end
|
||||
end
|
|
@ -552,18 +552,18 @@ class Procedure < ApplicationRecord
|
|||
"Procedure;#{id}"
|
||||
end
|
||||
|
||||
def api_entreprise_roles
|
||||
JWT.decode(api_entreprise_token, nil, false)[0]["roles"] if api_entreprise_token.present?
|
||||
end
|
||||
|
||||
def api_entreprise_role?(role)
|
||||
api_entreprise_roles.include?(role)
|
||||
ApiEntrepriseToken.new(api_entreprise_token).role?(role)
|
||||
end
|
||||
|
||||
def api_entreprise_token
|
||||
self[:api_entreprise_token].presence || Rails.application.secrets.api_entreprise[:key]
|
||||
end
|
||||
|
||||
def api_entreprise_token_expired?
|
||||
ApiEntrepriseToken.new(api_entreprise_token).expired?
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def move_type_de_champ_attributes(types_de_champ, type_de_champ, new_index)
|
||||
|
|
|
@ -166,7 +166,7 @@ describe ApiEntreprise::API do
|
|||
let(:body) { File.read('spec/fixtures/files/api_entreprise/attestation_sociale.json') }
|
||||
|
||||
before do
|
||||
allow_any_instance_of(Procedure).to receive(:api_entreprise_roles).and_return(roles)
|
||||
allow_any_instance_of(ApiEntrepriseToken).to receive(:roles).and_return(roles)
|
||||
stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/attestations_sociales_acoss\/#{siren}?.*token=/)
|
||||
.to_return(body: body, status: status)
|
||||
end
|
||||
|
@ -194,7 +194,7 @@ describe ApiEntreprise::API do
|
|||
let(:body) { File.read('spec/fixtures/files/api_entreprise/attestation_fiscale.json') }
|
||||
|
||||
before do
|
||||
allow_any_instance_of(Procedure).to receive(:api_entreprise_roles).and_return(roles)
|
||||
allow_any_instance_of(ApiEntrepriseToken).to receive(:roles).and_return(roles)
|
||||
stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/attestations_fiscales_dgfip\/#{siren}?.*token=#{token}&user_id=#{user_id}/)
|
||||
.to_return(body: body, status: status)
|
||||
end
|
||||
|
@ -221,7 +221,7 @@ describe ApiEntreprise::API do
|
|||
let(:body) { File.read('spec/fixtures/files/api_entreprise/bilans_entreprise_bdf.json') }
|
||||
|
||||
before do
|
||||
allow_any_instance_of(Procedure).to receive(:api_entreprise_roles).and_return(roles)
|
||||
allow_any_instance_of(ApiEntrepriseToken).to receive(:roles).and_return(roles)
|
||||
stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/bilans_entreprises_bdf\/#{siren}?.*token=#{token}/)
|
||||
.to_return(body: body, status: status)
|
||||
end
|
||||
|
|
|
@ -334,6 +334,31 @@ describe Procedure do
|
|||
end
|
||||
end
|
||||
|
||||
describe 'api_entreprise_token_expired?' do
|
||||
let(:token) { "mon-token" }
|
||||
let(:procedure) { create(:procedure, api_entreprise_token: token) }
|
||||
let(:payload) {
|
||||
[
|
||||
{ "exp" => expiration_time }
|
||||
]
|
||||
}
|
||||
let(:subject) { procedure.api_entreprise_token_expired? }
|
||||
|
||||
before do
|
||||
allow(JWT).to receive(:decode).with(token, nil, false).and_return(payload)
|
||||
end
|
||||
|
||||
context "with token expired" do
|
||||
let(:expiration_time) { (Time.zone.now - 1.day).to_i }
|
||||
it { is_expected.to be_truthy }
|
||||
end
|
||||
|
||||
context "with token not expired" do
|
||||
let(:expiration_time) { (Time.zone.now + 1.day).to_i }
|
||||
it { is_expected.to be_falsey }
|
||||
end
|
||||
end
|
||||
|
||||
describe 'clone' do
|
||||
let!(:service) { create(:service) }
|
||||
let(:procedure) { create(:procedure, received_mail: received_mail, service: service) }
|
||||
|
|
Loading…
Reference in a new issue