diff options
| -rwxr-xr-x | bin/ui | 22 |
1 files changed, 19 insertions, 3 deletions
@@ -50,8 +50,16 @@ module OAuth })) end - def authorize_uri - "http://#{$idp_host}/oauth/authorize?client_id=#{client_id}&state=example&redirect_uri=#{$scheme}://#{$host}/oauth/callback&response_type=code&response_mode=query&scope=openid" + def [](key) + server_metadata.fetch(key) + end + + def redirect_uri + "#{$scheme}://#{$host}/oauth/callback" + end + + def authorize_uri(state: SecureRandom.uuid, response_mode: "query", scope: "openid") + "#{self[:authorization_endpoint]}?client_id=#{client_id}&state=#{state}&redirect_uri=#{redirect_uri}&response_type=code&response_mode=#{response_mode}&scope=#{scope}" end def with_http @@ -60,9 +68,17 @@ module OAuth end end + def server_metadata + @server_metadata ||= + with_http do |client| + response = client.get("http://#{$idp_host}/.well-known/openid-configuration") + JSON.parse(response.body, symbolize_names: true) + end + end + def exchange(grant_type:, code:) with_http do |client| - client.post("http://#{$idp_host}/oauth/token", body: { + client.post(self[:token_endpoint], body: { grant_type: grant_type, code: code, code_verifier: "not_implemented" |