diff options
| author | mo khan <mo@mokhan.ca> | 2025-03-18 14:32:45 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-03-18 14:32:45 -0600 |
| commit | e6b7ade7a40a6d5131285a3a5a63b8a479d9b76b (patch) | |
| tree | 5ac0498ebfbfd87b67bbc70bf7ffecf49bfe0c2e /bin/ui | |
| parent | 53a7bd15bf230eec30e680735548c642a1f68e44 (diff) | |
refactor: use oauth server metadata to configure endpoints
Diffstat (limited to 'bin/ui')
| -rwxr-xr-x | bin/ui | 22 |
1 files changed, 19 insertions, 3 deletions
@@ -50,8 +50,16 @@ module OAuth })) end - def authorize_uri - "http://#{$idp_host}/oauth/authorize?client_id=#{client_id}&state=example&redirect_uri=#{$scheme}://#{$host}/oauth/callback&response_type=code&response_mode=query&scope=openid" + def [](key) + server_metadata.fetch(key) + end + + def redirect_uri + "#{$scheme}://#{$host}/oauth/callback" + end + + def authorize_uri(state: SecureRandom.uuid, response_mode: "query", scope: "openid") + "#{self[:authorization_endpoint]}?client_id=#{client_id}&state=#{state}&redirect_uri=#{redirect_uri}&response_type=code&response_mode=#{response_mode}&scope=#{scope}" end def with_http @@ -60,9 +68,17 @@ module OAuth end end + def server_metadata + @server_metadata ||= + with_http do |client| + response = client.get("http://#{$idp_host}/.well-known/openid-configuration") + JSON.parse(response.body, symbolize_names: true) + end + end + def exchange(grant_type:, code:) with_http do |client| - client.post("http://#{$idp_host}/oauth/token", body: { + client.post(self[:token_endpoint], body: { grant_type: grant_type, code: code, code_verifier: "not_implemented" |