path: root/app/controllers/oauth/authorizations_controller.rb
blob: c0b871c446f7c89494f72efff3788ac75a889628 (plain)
# frozen_string_literal: true

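module Oauth
  # Authorization endpoint of the OAuth flow.
  #
  # +show+ validates the incoming authorization request and parks the
  # whitelisted parameters in the session; +create+ consumes the parked
  # request and redirects the resource owner back to the client.
  class AuthorizationsController < ApplicationController
    # Response types this endpoint knows about (authorization-code and
    # implicit). Not referenced in this file; presumably consumed by
    # Client#valid_response_type? — confirm before removing.
    VALID_RESPONSE_TYPES = %w[code token].freeze

    # GET: validate the authorization request sent by the client.
    #
    # Invalid requests are redirected to the client's error URL with the
    # caller-supplied +state+ echoed back; valid requests are stored in
    # session[:oauth] for +create+. Only the parameters whitelisted by
    # +secure_params+ ever reach the session.
    #
    # @raise [ActiveRecord::RecordNotFound] presumably, when +client_id+ is
    #   unknown — Client.find is not rescued here (TODO confirm)
    def show
      @client = Client.find(secure_params[:client_id])

      # A redirect_uri the client has not registered is never followed; the
      # error is delivered to the client's own error URL (see error_url_for).
      return reject_request(:invalid_request) unless @client.valid_redirect_uri?(secure_params[:redirect_uri])
      return reject_request(:unsupported_response_type) unless @client.valid_response_type?(secure_params[:response_type])

      # NOTE(review): depending on the session store's serializer these keys
      # may come back as strings; create reads oauth[:client_id] with a
      # symbol — confirm the store preserves indifferent access.
      session[:oauth] = secure_params.to_h
    end

    # POST: issue the grant for the request parked by +show+.
    #
    # @param oauth [Hash, nil] the stored authorization request;
    #   defaults to session[:oauth]
    # @return [void] redirects to the client, or renders an error response
    def create(oauth = session[:oauth])
      return render_error(:bad_request) if oauth.nil?

      client = Client.find(oauth[:client_id])
      redirect_to redirect_url_for(client, oauth)
      # NOTE(review): session[:oauth] is left in place after the grant is
      # issued, so a repeated POST re-issues it; consider session.delete(:oauth)
      # here once confirmed nothing downstream re-reads it.
    rescue StandardError => error
      # Any failure (unknown client, redirect generation, ...) is logged and
      # reported back to the client as invalid_request.
      logger.error(error)
      url = error_url_for(client, :invalid_request)
      # With no client to redirect to there is no error URL; answer with an
      # explicit error rather than falling through to an empty response.
      url ? redirect_to(url) : render_error(:bad_request)
    end

    private

    # Whitelist of request parameters accepted from the client.
    def secure_params
      params.permit(
        :client_id, :response_type, :redirect_uri,
        :state, :code_challenge, :code_challenge_method
      )
    end

    # Redirect the current request to the client's error URL, echoing the
    # caller-supplied state so the client can correlate the response.
    #
    # @param type [Symbol] OAuth error code (e.g. :invalid_request)
    def reject_request(type)
      redirect_to error_url_for(@client, type, secure_params[:state])
    end

    # URL the client is sent to on success; built by the Client model from
    # the current user and the stored request.
    def redirect_url_for(client, oauth)
      client.redirect_url_for(current_user, oauth)
    end

    # URL the client is sent to on failure, or nil when there is no client.
    #
    # @param type [Symbol] OAuth error code
    # @param state [String, nil] state value to echo back
    def error_url_for(client, type, state = nil)
      client&.redirect_url(error: type, state: state)
    end
  end
end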