 1# frozen_string_literal: true
 2
 3module Oauth
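  class AuthorizationsController < ApplicationController
    # Response types this endpoint is prepared to issue. The per-request check
    # is delegated to Client#valid_response_type?, which may narrow this further
    # for an individual client.
    VALID_RESPONSE_TYPES = %w[code token].freeze

    # GET: validate the incoming authorization request and park it in the
    # session until the resource owner answers the consent form (#create).
    #
    # When the submitted redirect_uri is rejected, the error redirect is built
    # by error_url_for from the Client record alone — the submitted value is
    # never used as a redirect target, so this action cannot be turned into an
    # open redirector.
    #
    # NOTE(review): Client.find is left to raise for an unknown client_id;
    # confirm the application maps that to a 4xx rather than a 500.
    def show
      @client = Client.find(secure_params[:client_id])
      # Echoed back on every redirect so the client can correlate the response.
      state = secure_params[:state]

      unless @client.valid_redirect_uri?(secure_params[:redirect_uri])
        return redirect_to error_url_for(@client, :invalid_request, state)
      end

      unless @client.valid_response_type?(secure_params[:response_type])
        return redirect_to error_url_for(@client, :unsupported_response_type, state)
      end

      # Only the permitted, validated parameters survive to #create.
      session[:oauth] = secure_params.to_h
    end

    # POST: the resource owner approved the request parked by #show.
    #
    # @param oauth [Hash, nil] the pending authorization request; defaults to
    #   the session entry written by #show (the parameter allows direct calls)
    #
    # NOTE(review): #show stores an indifferent-access hash, but a session
    # round-trip may hand back plain string keys; confirm oauth[:client_id]
    # still resolves on the follow-up request.
    def create(oauth = session[:oauth])
      return render_error(:bad_request) if oauth.nil?

      # Read before the lookup so the rescue branch can still echo it.
      state = oauth[:state]
      client = Client.find(oauth[:client_id])
      url = redirect_url_for(client, oauth)
      # The pending request has been answered; drop it so a replayed POST
      # cannot mint another grant from the same session entry.
      session.delete(:oauth)
      redirect_to url
    rescue StandardError => error
      logger.error(error)
      # `client` is nil when the lookup itself failed; error_url_for then
      # yields nil and, without a fallback, the action would end without
      # rendering anything. Always answer the request.
      url = error_url_for(client, :invalid_request, state)
      url ? redirect_to(url) : render_error(:bad_request)
    end

    private

    # Strong-parameter whitelist for the authorization request; only these
    # keys can reach the session.
    def secure_params
      params.permit(
        :client_id, :response_type, :redirect_uri,
        :state, :code_challenge, :code_challenge_method
      )
    end

    # Success redirect: the client builds the URL for the signed-in resource
    # owner from the stored request.
    def redirect_url_for(client, oauth)
      client.redirect_url_for(current_user, oauth)
    end

    # Error redirect derived from the Client record, not from request input.
    # Returns nil when there is no client to redirect to.
    def error_url_for(client, type, state = nil)
      client&.redirect_url(error: type, state: state)
    end
  end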
53end