Fix remaining remarks

This commit is contained in:
theworldbright 2015-10-24 17:19:22 -07:00
parent d028b5672e
commit f1b394de0f
7 changed files with 18 additions and 28 deletions


@ -9,7 +9,7 @@ module Api
rescue_from OpenSSL::SSL::SSLError do |e| rescue_from OpenSSL::SSL::SSLError do |e|
logger.info e.backtrace[0, 10].join("\n") logger.info e.backtrace[0, 10].join("\n")
handle_params_error("ssl_error", e.message) handle_params_error("bad_request", e.message)
end end
before_action :auth_user_unless_prompt_none! before_action :auth_user_unless_prompt_none!
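Review bot: With the fetches switched to `Faraday.get` elsewhere in this commit, the `rescue_from OpenSSL::SSL::SSLError` handler above is probably never reached, because Faraday's Net::HTTP adapter in the 0.9 series wraps TLS failures as `Faraday::SSLError`, which does not descend from the OpenSSL class. Widening the handler, `rescue_from OpenSSL::SSL::SSLError, Faraday::SSLError do |e|`, keeps a failed TLS fetch mapped to the intended 400 instead of a 500. Separately, `e.message` is passed straight into the client-visible error on the `handle_params_error("bad_request", e.message)` line; for a TLS error that text describes the server's own outbound connection (peer host, certificate details), so it belongs in the log, `logger.info e.message`, with a fixed description in the response. The enclosing controller class starts outside the hunk.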


@ -26,8 +26,7 @@ module Api
def fetch_public_key(o_auth_app, jwt) def fetch_public_key(o_auth_app, jwt)
public_key = fetch_public_key_from_json(o_auth_app.jwks, jwt) public_key = fetch_public_key_from_json(o_auth_app.jwks, jwt)
if public_key.empty? && o_auth_app.jwks_uri if public_key.empty? && o_auth_app.jwks_uri
uri = URI.parse(o_auth_app.jwks_uri) response = Faraday.get(o_auth_app.jwks_uri)
response = Net::HTTP.get_response(uri)
public_key = fetch_public_key_from_json(response.body, jwt) public_key = fetch_public_key_from_json(response.body, jwt)
end end
raise Rack::OAuth2::Server::Authorize::BadRequest(:unauthorized_client) if public_key.empty? raise Rack::OAuth2::Server::Authorize::BadRequest(:unauthorized_client) if public_key.empty?
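Review bot: The body returned by the new `Faraday.get(o_auth_app.jwks_uri)` is handed to `fetch_public_key_from_json` without checking the status, so an error page or redirect body from the JWKS endpoint is parsed as a key set; guarding the parse, `public_key = fetch_public_key_from_json(response.body, jwt) if response.success?`, lets a failed fetch fall through to the existing `unauthorized_client` rejection. Faraday connection and timeout failures (`Faraday::ConnectionFailed`, `Faraday::TimeoutError`) also propagate from this line and presumably surface as 500s unless a `rescue_from` elsewhere covers them. The same missing status check applies to the other two `Faraday.get` calls in this commit (`check_sector_identifier_uri` and the `:jwks_uri` branch). fetch_public_key's body continues past the hunk.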


@ -67,8 +67,7 @@ module Api
auth.destroy auth.destroy
nil nil
else else
auth.code_used = true auth.update!(code_used: true)
auth.save
auth auth
end end
end end
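Review bot: `auth.update!(code_used: true)` is still a read-then-write: if the `code_used` check that selects this branch sits earlier in the method (outside the hunk, presumably), two concurrent token requests presenting the same authorization code can both observe the code as unused and both reach this branch, so single use of the code is not enforced atomically. Since this looks like ActiveRecord, wrapping the check and the update in `auth.with_lock { ... }`, or using a conditional update that only succeeds while `code_used` is false and treating zero affected rows as a replay, closes the window. Note also that `update!` raises `ActiveRecord::RecordInvalid` where the removed `auth.save` returned false, so the caller should map that to an OAuth error rather than letting it become a 500. The enclosing method starts outside the hunk.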


@ -50,8 +50,7 @@ module Api
def check_sector_identifier_uri(attributes) def check_sector_identifier_uri(attributes)
sector_identifier_uri = attributes[:sector_identifier_uri] sector_identifier_uri = attributes[:sector_identifier_uri]
return unless sector_identifier_uri return unless sector_identifier_uri
uri = URI.parse(sector_identifier_uri) response = Faraday.get(sector_identifier_uri)
response = Net::HTTP.get_response(uri)
sector_identifier_uri_json = JSON.parse(response.body) sector_identifier_uri_json = JSON.parse(response.body)
redirect_uris = attributes[:redirect_uris] redirect_uris = attributes[:redirect_uris]
sector_identifier_uri_includes_redirect_uris = (redirect_uris - sector_identifier_uri_json).empty? sector_identifier_uri_includes_redirect_uris = (redirect_uris - sector_identifier_uri_json).empty?
@ -80,8 +79,7 @@ module Api
if key == :subject_type if key == :subject_type
attr[:ppid] = (value == "pairwise") attr[:ppid] = (value == "pairwise")
elsif key == :jwks_uri elsif key == :jwks_uri
uri = URI.parse(value) response = Faraday.get(value)
response = Net::HTTP.get_response(uri)
attr[:jwks] = response.body attr[:jwks] = response.body
attr[:jwks_uri] = value attr[:jwks_uri] = value
elsif key == :jwks elsif key == :jwks
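Review bot: In `check_sector_identifier_uri` the parsed document is used as an array on the `(redirect_uris - sector_identifier_uri_json)` line with no type check, so a sector_identifier_uri that serves a JSON object, string or number makes `Array#-` raise `TypeError` (a 500) instead of the registration error this module defines, and a non-2xx body is parsed the same way. Adding `raise Api::OpenidConnect::Error::InvalidSectorIdentifierUri unless response.success? && sector_identifier_uri_json.is_a?(Array)` directly after the `JSON.parse` line turns both cases into `InvalidSectorIdentifierUri`; a non-JSON body raising `JSON::ParserError` is the same gap unless a `rescue_from` elsewhere covers it. Both fetches in this section contact a URL supplied by the registering client, and OpenID Connect Dynamic Client Registration requires `sector_identifier_uri` to use the https scheme, which neither `Faraday.get` here enforces, so a `URI.parse(...).scheme == "https"` check before fetching would be worth adding. The first hunk's method continues past its last line, and the second hunk's enclosing method starts outside it.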


@ -1,6 +1,11 @@
module Api module Api
module OpenidConnect module OpenidConnect
module Error module Error
class InvalidRedirectUri < ::ArgumentError
def initialize
super "Redirect uri contains fragment"
end
end
class InvalidSectorIdentifierUri < ::ArgumentError class InvalidSectorIdentifierUri < ::ArgumentError
def initialize def initialize
super "Invalid sector identifier uri" super "Invalid sector identifier uri"


@ -1,11 +0,0 @@
module Api
module OpenidConnect
module Error
class InvalidRedirectUri < ::ArgumentError
def initialize
super "Redirect uri contains fragment"
end
end
end
end
end


@ -5,8 +5,8 @@ describe Api::OpenidConnect::ClientsController, type: :controller do
context "when valid parameters are passed" do context "when valid parameters are passed" do
it "should return a client id" do it "should return a client id" do
stub_request(:get, "http://example.com/uris") stub_request(:get, "http://example.com/uris")
.with(headers: {:Accept => "*/*", :"Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3", .with(headers: {Accept: "*/*", :"Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3",
:Host => "example.com", :"User-Agent" => "Ruby"}) :"User-Agent" => "Faraday v0.9.1"})
.to_return(status: 200, body: "[\"http://localhost\"]", headers: {}) .to_return(status: 200, body: "[\"http://localhost\"]", headers: {})
post :create, redirect_uris: ["http://localhost"], client_name: "diaspora client", post :create, redirect_uris: ["http://localhost"], client_name: "diaspora client",
response_types: [], grant_types: [], application_type: "web", contacts: [], response_types: [], grant_types: [], application_type: "web", contacts: [],
@ -22,8 +22,8 @@ describe Api::OpenidConnect::ClientsController, type: :controller do
context "when valid parameters with jwks is passed" do context "when valid parameters with jwks is passed" do
it "should return a client id" do it "should return a client id" do
stub_request(:get, "http://example.com/uris") stub_request(:get, "http://example.com/uris")
.with(headers: {:Accept => "*/*", :"Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3", .with(headers: {Accept: "*/*", :"Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3",
:Host => "example.com", :"User-Agent" => "Ruby"}) :"User-Agent" => "Faraday v0.9.1"})
.to_return(status: 200, body: "[\"http://localhost\"]", headers: {}) .to_return(status: 200, body: "[\"http://localhost\"]", headers: {})
post :create, redirect_uris: ["http://localhost"], client_name: "diaspora client", post :create, redirect_uris: ["http://localhost"], client_name: "diaspora client",
response_types: [], grant_types: [], application_type: "web", contacts: [], response_types: [], grant_types: [], application_type: "web", contacts: [],
@ -80,12 +80,12 @@ describe Api::OpenidConnect::ClientsController, type: :controller do
context "when valid parameters with jwks_uri is passed" do context "when valid parameters with jwks_uri is passed" do
it "should return a client id" do it "should return a client id" do
stub_request(:get, "http://example.com/uris") stub_request(:get, "http://example.com/uris")
.with(headers: {:Accept => "*/*", :"Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3", .with(headers: {Accept: "*/*", :"Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3",
:Host => "example.com", :"User-Agent" => "Ruby"}) :"User-Agent" => "Faraday v0.9.1"})
.to_return(status: 200, body: "[\"http://localhost\"]", headers: {}) .to_return(status: 200, body: "[\"http://localhost\"]", headers: {})
stub_request(:get, "https://kentshikama.com/api/openid_connect/jwks.json") stub_request(:get, "https://kentshikama.com/api/openid_connect/jwks.json")
.with(headers: {:Accept => "*/*", :"Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3", .with(headers: {Accept: "*/*", :"Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3",
:Host => "kentshikama.com", :"User-Agent" => "Ruby"}) :"User-Agent" => "Faraday v0.9.1"})
.to_return(status: 200, .to_return(status: 200,
body: "{\"keys\":[{\"kty\":\"RSA\",\"e\":\"AQAB\",\"n\":\"qpW\",\"use\":\"sig\"}]}", headers: {}) body: "{\"keys\":[{\"kty\":\"RSA\",\"e\":\"AQAB\",\"n\":\"qpW\",\"use\":\"sig\"}]}", headers: {})
post :create, redirect_uris: ["http://localhost"], client_name: "diaspora client", post :create, redirect_uris: ["http://localhost"], client_name: "diaspora client",
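Review bot: The stubs now pin `:"User-Agent" => "Faraday v0.9.1"` (and the exact `Accept-Encoding` value) in every `.with(headers: ...)`, so these specs fail on any Faraday or Net::HTTP upgrade even though the controller behaviour is unchanged; the pattern appears at all three `stub_request` sites in this section. WebMock matches `with(headers:)` as a subset of the request headers, so `.with(headers: {Accept: "*/*"})`, or dropping the `with` clause entirely, keeps the stub targeted at the URL without coupling the spec to a library version. The remainder of each example lies outside the shown lines.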