Move openid controllers to openid connect namespace

Gemfile

@@ -150,7 +150,7 @@ gem "twitter",            "5.15.0"
 gem "omniauth-wordpress", "0.2.2"
 
 # OpenID Connect
-gem "openid_connect"
+gem "openid_connect", "0.8.3"
 
 # Serializers
 

Gemfile.lock

@@ -522,17 +522,17 @@ GEM
     open_graph_reader (0.6.1)
       faraday (~> 0.9.0)
       nokogiri (~> 1.6)
-    openid_connect (0.9.2)
+    openid_connect (0.8.3)
       activemodel
-      attr_required (>= 1.0.0)
+      attr_required (>= 0.0.5)
       json (>= 1.4.3)
-      json-jwt (>= 1.5.0)
+      json-jwt (>= 0.5.5)
-      rack-oauth2 (>= 1.2.1)
+      rack-oauth2 (>= 1.0.0)
-      swd (>= 1.0.0)
+      swd (>= 0.1.2)
       tzinfo
       validate_email
       validate_url
-      webfinger (>= 1.0.1)
+      webfinger (>= 0.0.2)
     orm_adapter (0.5.0)
     parser (2.2.3.0)
       ast (>= 1.1, < 3.0)
@@ -942,7 +942,7 @@ DEPENDENCIES
   omniauth-twitter (= 1.2.1)
   omniauth-wordpress (= 0.2.2)
   open_graph_reader (= 0.6.1)
-  openid_connect
+  openid_connect (= 0.8.3)
   pg (= 0.18.4)
   pronto (= 0.5.3)
   pronto-haml (= 0.5.0)

app/controllers/openid/connect_controller.rb

@@ -1,4 +0,0 @@
-class ConnectController < ApplicationController
-  def show
-  end
-end

app/controllers/openid_connect/authorizations_controller.rb

@@ -5,31 +5,31 @@ class AuthorizationsController < ApplicationController
     render :error, status: e.status
   end
 
+  before_action :authenticate_user!
+
   def new
     call_authorization_endpoint
   end
 
   def create
-    call_authorization_endpoint :allow_approval, params[:approve]
+    call_authorization_endpoint :is_create, params[:approve]
   end
 
   private
 
-  def call_authorization_endpoint(allow_approval = false, approved = false)
+  def call_authorization_endpoint(is_create = false, approved = false)
-    endpoint = AuthorizationEndpoint.new allow_approval, approved
+    endpoint = AuthorizationEndpoint.new current_user, is_create, approved
     rack_response = *endpoint.call(request.env)
     @client, @response_type, @redirect_uri, @scopes, @_request_, @request_uri, @request_object = *[
         endpoint.client, endpoint.response_type, endpoint.redirect_uri, endpoint.scopes, endpoint._request_, endpoint.request_uri, endpoint.request_object
     ]
-    require_authentication
     if (
-    !allow_approval &&
+    !is_create &&
         (max_age = @request_object.try(:id_token).try(:max_age)) &&
         current_account.last_logged_in_at < max_age.seconds.ago
     )
       flash[:notice] = 'Exceeded Max Age, Login Again'
       unauthenticate!
-      require_authentication
     end
     respond_as_rack_app *rack_response
   end

config/routes.rb

@@ -234,14 +234,13 @@ Diaspora::Application.routes.draw do
   root :to => 'home#show'
 
   #OpenID Connect & OAuth
-  resource :openid do
+  namespace :openid_connect do
+    resources :clients, only: :create
     resources :authorizations, only: [:new, :create]
-    match 'connect', to: 'connect#show', via: [:get, :post]
-    match '.well-known/:id', to: 'discovery#show' , via: [:get, :post]
     post 'access_tokens', to: proc { |env| OpenidConnect::TokenEndpoint.new.call(env) }
   end
 
   api_version(module: "Api::V0", path: {value: "api/v0"}, default: true) do
-    match 'user', to: 'users#show', via: :get
+    match 'user', to: 'users#show', via: [:get, :post]
   end
 end