Commit 26b479c

mo <mo@mokhan.ca>
2018-10-15 17:37:38
fix linter errors.
1 parent b17a228
app/controllers/oauths_controller.rb
@@ -36,6 +36,9 @@ class OauthsController < ApplicationController
   private
 
   def secure_params
-    params.permit(:client_id, :response_type, :redirect_uri, :state, :code_challenge, :code_challenge_method)
+    params.permit(
+      :client_id, :response_type, :redirect_uri,
+      :state, :code_challenge, :code_challenge_method
+    )
   end
 end
app/controllers/tokens_controller.rb
@@ -40,9 +40,14 @@ class TokensController < ApplicationController
     render "bad_request", formats: :json, status: :bad_request
   end
 
-  def authorization_code_grant(code = params[:code], verifier = params[:code_verifier])
+  def authorization_code_grant(
+    code = params[:code],
+    verifier = params[:code_verifier]
+  )
     authorization = current_client.authorizations.active.find_by!(code: code)
-    authorization.issue_tokens_to(current_client) if authorization.valid_verifier?(verifier)
+    return unless authorization.valid_verifier?(verifier)
+
+    authorization.issue_tokens_to(current_client)
   end
 
   def refresh_grant(refresh_token = params[:refresh_token])
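Review bot: A request without `code_verifier` reaches `authorization.valid_verifier?(verifier)` with `nil`, and the S256 branch shown in app/models/authorization.rb passes that straight to `Digest::SHA256.hexdigest`, which would likely raise a TypeError rather than produce a clean rejection. The safest place for the guard is inside `valid_verifier?`, after the challenge check, e.g. `return false if code_verifier.blank?`, so flows without a stored challenge are unaffected. The new `return unless ...` also makes the method return `nil` on a failed verifier. A short comment such as `# returns nil when the PKCE verifier does not match; caller must respond with an error` would document that contract, since the caller is not visible in this hunk.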
app/models/authorization.rb
@@ -19,11 +19,12 @@ class Authorization < ApplicationRecord
   def valid_verifier?(code_verifier)
     return true unless challenge.present?
 
-    if sha256?
-      challenge == Base64.urlsafe_encode64(Digest::SHA256.hexdigest(code_verifier))
-    else
-      challenge == code_verifier
-    end
+    challenge ==
+      if sha256?
+        Base64.urlsafe_encode64(Digest::SHA256.hexdigest(code_verifier))
+      else
+        code_verifier
+      end
   end
 
   def issue_tokens_to(client, token_types: [:access, :refresh])
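Review bot: The S256 branch of `valid_verifier?` base64url-encodes `Digest::SHA256.hexdigest(code_verifier)`, i.e. the hex string of the hash, while RFC 7636 defines the challenge as the unpadded base64url encoding of the raw SHA-256 digest. A client that follows the RFC would send a challenge this check can never match. The reformatting keeps that behaviour, so it is worth fixing while the lines are being touched: `Base64.urlsafe_encode64(Digest::SHA256.digest(code_verifier), padding: false)`. The comparison itself uses `==` on a secret-derived value; `ActiveSupport::SecurityUtils.secure_compare(challenge, expected)` avoids a timing side channel. Separately, `return true unless challenge.present?` means PKCE is optional per authorization, which deserves a comment stating that this is intentional.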
app/models/client.rb
@@ -37,18 +37,16 @@ class Client < ApplicationRecord
   end
 
   def redirect_url_for(user, oauth)
-    response_type = oauth[:response_type]
-    state = oauth[:state]
-
+    sha256 = oauth[:code_challenge_method] == 'S256'
     authorization = authorizations.create!(
       user: user,
       challenge: oauth[:code_challenge],
-      challenge_method: oauth[:code_challenge_method] == 'S256' ? :sha256 : :plain
+      challenge_method: sha256 ? :sha256 : :plain
     )
 
-    if response_type == 'code'
-      redirect_url(code: authorization.code, state: state)
-    elsif response_type == 'token'
+    if oauth[:response_type] == 'code'
+      redirect_url(code: authorization.code, state: oauth[:state])
+    elsif oauth[:response_type] == 'token'
       access_token, = authorization.issue_tokens_to(
         self, token_types: [:access]
       )
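Review bot: `sha256 = oauth[:code_challenge_method] == 'S256'` treats every other value as plain, so a misspelled or unsupported method (for example `s256`) silently downgrades the authorization to the plain comparison instead of being rejected. RFC 7636 expects an `invalid_request` error for a transformation the server does not support; only an absent method or the literal `plain` should map to `:plain`. Note also that `authorizations.create!` runs before `oauth[:response_type]` is checked, so an unsupported response type still leaves an authorization row behind. The body of `redirect_url_for` continues past this hunk.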
@@ -57,7 +55,7 @@ class Client < ApplicationRecord
         token_type: 'Bearer',
         expires_in: 5.minutes.to_i,
         scope: :admin,
-        state: state
+        state: oauth[:state]
       )
     else
       redirect_url(error: 'unsupported_response_type', state: state)
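Review bot: The `else` branch on the last line of this hunk still passes `state: state`, but the `state = oauth[:state]` local was removed in the previous hunk of this file. Unless `Client` happens to define a `state` attribute or method (not visible here), an unsupported `response_type` will now raise NameError instead of redirecting with `unsupported_response_type`. The line should read `redirect_url(error: 'unsupported_response_type', state: oauth[:state])`, matching the two branches the commit did update. The method's closing lines are outside the hunk.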