nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
diaspora/lib/openid_connect/authorization_point/endpoint.rb
theworldbright 3cbe75469b Add support for scopes 
Remove scopes from tokens

Squashed commits:

[83db38f] Add redirect uris to supported metadata
2016-01-04 16:49:51 +09:00

58 lines
1.7 KiB
Ruby
Raw Blame History

module OpenidConnect
module AuthorizationPoint
class Endpoint
attr_accessor :app, :user, :o_auth_application, :redirect_uri, :response_type,
:scopes, :_request_, :request_uri, :request_object, :nonce
delegate :call, to: :app
def initialize(current_user)
@user = current_user
@app = Rack::OAuth2::Server::Authorize.new do |req, res|
build_attributes(req, res)
if OAuthApplication.available_response_types.include? Array(req.response_type).map(&:to_s).join(" ")
handle_response_type(req, res)
else
req.unsupported_response_type!
end
end
end
def build_attributes(req, res)
build_client(req)
build_redirect_uri(req, res)
verify_nonce(req, res)
build_scopes(req)
end
def handle_response_type(_req, _res)
# Implemented by subclass
end
private
def build_client(req)
@o_auth_application = OAuthApplication.find_by_client_id(req.client_id) || req.bad_request!
end
def build_redirect_uri(req, res)
res.redirect_uri = @redirect_uri = req.verify_redirect_uri!(@o_auth_application.redirect_uris)
end
def verify_nonce(req, res)
if res.protocol_params_location == :fragment && req.nonce.blank?
req.invalid_request! "nonce required"
end
end
def build_scopes(req)
@scopes = req.scope.map {|scope_name|
OpenidConnect::Scope.where(name: scope_name).first.tap do |scope|
req.invalid_scope! "Unknown scope: #{scope}" unless scope
end
}
end
# TODO: buildResponseType(req)
end
end
end
Reference in a new issue View git blame Copy permalink