authorize_api_request.rb 810 Bytes
Edit Raw Blame History



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34


module ScimRails
  class AuthorizeApiRequest

    def initialize(subdomain:, api_key:)
      @subdomain = subdomain
      @api_key = api_key

      raise ScimRails::ExceptionHandler::MissingCredentials if subdomain.blank? || api_key.blank?
    end

    def company
      company = find_company
      authorize(company)
      company
    end

    private

    attr_reader :subdomain
    attr_reader :api_key

    def find_company
      @company ||= Company.find_by!(subdomain: subdomain)

    rescue ActiveRecord::RecordNotFound
      raise ScimRails::ExceptionHandler::InvalidCredentials
    end

    def authorize(company)
      authorized = ActiveSupport::SecurityUtils::secure_compare(company.api_key, api_key)
      raise ScimRails::ExceptionHandler::InvalidCredentials unless authorized
    end
  end
end