Commit 47f31b4
app/controllers/oauths_controller.rb
@@ -8,14 +8,14 @@ class OauthsController < ApplicationController
if @client.redirect_uri != params[:redirect_uri]
return redirect_to @client.redirect_uri_path(
- error: 'invalid_request',
+ error: :invalid_request,
state: params[:state]
)
end
unless VALID_RESPONSE_TYPES.include?(params[:response_type])
return redirect_to @client.redirect_uri_path(
- error: 'unsupported_response_type',
+ error: :unsupported_response_type,
state: params[:state]
)
end
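Review bot: The redirect_uri mismatch branch at the top of this hunk still answers with a redirect to `@client.redirect_uri_path(...)`, whereas RFC 6749 §4.1.2.1 says the server should inform the resource owner directly when the redirection URI is missing or mismatched. Sending the browser to the registered URI avoids an open redirect, but it hands the user to the client on a request that client may not have started. Since this commit adds a 400 page, consider `return render_error(:bad_request) if @client.redirect_uri != params[:redirect_uri]`, assuming `render_error` is available to this action as it is to `create`. The enclosing action starts before the hunk, so how `@client` is looked up is not visible here.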
@@ -28,12 +28,13 @@ class OauthsController < ApplicationController
end
def create
- return render_error(:not_found) if session[:oauth].nil?
+ return render_error(:bad_request) if session[:oauth].nil?
client = Client.find_by!(uuid: session[:oauth][:client_id])
- authorization = client.authorizations.create!(user: current_user)
- response_type = session[:oauth][:response_type]
- state = session[:oauth][:state]
- redirect_to client.redirect_uri_for(authorization, response_type, state)
+ redirect_to client.redirect_uri_for(
+ client.authorizations.create!(user: current_user),
+ session[:oauth][:response_type],
+ session[:oauth][:state]
+ )
end
end
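Review bot: `create` reads `session[:oauth]` but never clears it, so the pending request stays in the session after the authorization has been issued. A repeated POST to /oauth in the same session would then create another authorization for the same client without the user passing through the consent step again. Consuming the entry makes the grant one-shot: `oauth = session.delete(:oauth)` followed by `return render_error(:bad_request) if oauth.nil?`, with the later reads switched to `oauth[...]`. A request spec that posts twice and expects the second response to be `:bad_request` would pin this down. Whether an authentication filter guarantees `current_user` is present is not visible in this hunk.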
app/views/errors/bad_request.html.erb
@@ -0,0 +1,7 @@
+<div class="container">
+ <div class="row">
+ <div class="col">
+ <h1>400 - Bad Request</h1>
+ </div>
+ </div>
+</div>
spec/requests/oauth_spec.rb
@@ -79,7 +79,7 @@ RSpec.describe '/oauth' do
context "when the client did not make an appropriate request" do
before { post "/oauth" }
- specify { expect(response).to have_http_status(:not_found) }
+ specify { expect(response).to have_http_status(:bad_request) }
end
end
end