Commit 6ece23f
Changed files (6)
app/controllers/oauth/clients_controller.rb
@@ -2,8 +2,13 @@
module Oauth
class ClientsController < ApplicationController
- skip_before_action :authenticate!
- before_action :apply_cache_headers
+ skip_before_action :authenticate!, only: [:create]
+ before_action :apply_cache_headers, only: [:create]
+
+ def show
+ @client = current_client
+ render formats: :json
+ end
def create
@client = Client.create!(transform(secure_params))
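Review bot: The `only: [:create]` filter on `apply_cache_headers` leaves out the new `show` action, yet its view returns `client_secret`. If that filter is what sets the no-store headers (its body is not visible here), the read response carrying the secret becomes cacheable; I would keep it unscoped, `before_action :apply_cache_headers`, or list both actions. `show` also renders `current_client` without looking at `params[:id]`, so a request to another client's URL answers 200 with the caller's own record. A guard such as `return head :not_found unless current_client.to_param == params[:id]` would make the path id meaningful. The `create` body continues outside the hunk.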
@@ -50,5 +55,16 @@ module Oauth
:invalid_client_metadata
end
end
+
+ attr_reader :current_client
+
+ def authenticate!
+ @current_client = authenticate_with_http_basic do |id, client_secret|
+ Client.find(id)&.authenticate(client_secret)
+ end
+ return if current_client
+
+ render status: :unauthorized
+ end
end
end
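Review bot: `Client.find(id)` raises `ActiveRecord::RecordNotFound` for an unknown id, so the `&.` guard never sees nil. Unless that error is rescued elsewhere, an unknown client id answers differently from a wrong secret, which lets a caller tell valid client ids apart. Assuming `to_param` is the primary key, `Client.find_by(id: id)&.authenticate(client_secret)` sends both cases down the same 401 path. Separately, `render status: :unauthorized` names no body, so Rails will likely try to render the action's own template, here `show.json.jbuilder` with `@client` unset; `request_http_basic_authentication` or `head :unauthorized` avoids that. The class body starts outside the hunk, so I cannot see whether these methods sit under `private`.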
app/models/client.rb
@@ -7,9 +7,9 @@ class Client < ApplicationRecord
has_many :authorizations
attribute :redirect_uris, :string, array: true
enum token_endpoint_auth_method: {
- client_secret_none: 0,
+ client_secret_basic: 0,
+ client_secret_none: 2,
client_secret_post: 1,
- client_secret_basic: 2
}
validates :redirect_uris, presence: true
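Review bot: Swapping the integers behind `client_secret_basic` and `client_secret_none` reinterprets every row already stored: clients saved with 0 now read as `client_secret_basic` and those saved with 2 read as `client_secret_none`. No data migration is among the changed files shown. If the token endpoint branches on this value, previously confidential clients could end up treated as public ones. Either keep the stored values stable and change the column default instead, or ship a migration that swaps 0 and 2 in the same deploy. A comment above the enum such as `# integers are persisted; never renumber without a data migration` would help the next reader.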
app/views/oauth/clients/show.json.jbuilder
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+json.client_id @client.to_param
+json.client_secret @client.password
+json.client_id_issued_at @client.created_at.to_i
+json.client_secret_expires_at 0
+json.redirect_uris @client.redirect_uris
+json.grant_types @client.grant_types
+json.client_name @client.name
+json.token_endpoint_auth_method @client.token_endpoint_auth_method
+json.logo_uri @client.logo_uri
+json.jwks_uri @client.jwks_uri
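Review bot: `json.client_secret @client.password` returns the secret on every read, which only works if the plaintext can be recovered from a persisted record. The controller's `authenticate(client_secret)` call suggests `has_secure_password`, in which case `password` is set only in memory on assignment and would serialise as null for the record loaded in `authenticate!`. If it does come back populated, the secret is being stored in recoverable form. I would drop the field from the read response, or emit it only when a new secret was just issued, and record the choice with a comment like `# client_secret is only returned at registration time`.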
config/routes.rb
@@ -17,7 +17,7 @@ Rails.application.routes.draw do
end
namespace :oauth do
resource :authorizations, only: [:show, :create]
- resources :clients, only: [:create]
+ resources :clients, only: [:show, :create]
resource :tokens, only: [:create] do
post :introspect
post :revoke
spec/factories/client.rb
@@ -4,5 +4,7 @@ FactoryBot.define do
factory :client do
name { FFaker::Name.name }
redirect_uris { [FFaker::Internet.uri('https')] }
+ logo_uri { FFaker::Internet.uri('https') }
+ jwks_uri { FFaker::Internet.uri('https') }
end
end
spec/requests/oauth/clients_spec.rb
@@ -3,6 +3,31 @@
require 'rails_helper'
RSpec.describe "/oauth/clients" do
+ describe "GET /oauth/clients/:id" do
+ context "when using the correct HTTP Basic Auth credentials" do
+ let(:client) { create(:client) }
+ let(:credentials) { ActionController::HttpAuthentication::Basic.encode_credentials(client.to_param, client.password) }
+ let(:headers) { { 'Authorization' => credentials } }
+ let(:json) { JSON.parse(response.body, symbolize_names: true) }
+
+ before do
+ get "/oauth/clients/#{client.to_param}", headers: headers
+ end
+
+ specify { expect(response).to have_http_status(:ok) }
+ specify { expect(json[:client_id]).to eql(client.to_param) }
+ specify { expect(json[:client_secret]).to be_present }
+ specify { expect(json[:client_id_issued_at]).to eql(client.created_at.to_i) }
+ specify { expect(json[:client_secret_expires_at]).to be_zero }
+ specify { expect(json[:redirect_uris]).to match_array(client.redirect_uris) }
+ specify { expect(json[:grant_types]).to match_array(client.grant_types.map(&:to_s)) }
+ specify { expect(json[:client_name]).to eql(client.name) }
+ specify { expect(json[:token_endpoint_auth_method]).to eql('client_secret_basic') }
+ specify { expect(json[:logo_uri]).to eql(client.logo_uri) }
+ specify { expect(json[:jwks_uri]).to eql(client.jwks_uri) }
+ end
+ end
+
describe "POST /oauth/clients" do
let(:redirect_uris) { [generate(:uri), generate(:uri)] }
let(:client_name) { FFaker::Name.name }
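Review bot: The new `GET /oauth/clients/:id` examples cover only the success path; nothing exercises the authentication failure branches that the controller adds. I would add contexts for a wrong secret, a missing `Authorization` header, an unknown client id, and one client's credentials used against another client's URL. Each should assert the status and that `client_secret` is absent from the body, e.g. `specify { expect(response).to have_http_status(:unauthorized) }`. The `POST /oauth/clients` describe block continues outside the hunk.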