Commit cd2ba52

mo <mo@mokhan.ca>
2018-10-13 16:29:49
allow client to generate authorization instead of controller
1 parent 47f31b4
Changed files (3)
app/controllers/oauths_controller.rb
@@ -7,14 +7,14 @@ class OauthsController < ApplicationController
     @client = Client.find_by!(uuid: params[:client_id])
 
     if @client.redirect_uri != params[:redirect_uri]
-      return redirect_to @client.redirect_uri_path(
+      return redirect_to @client.redirect_url(
         error: :invalid_request,
         state: params[:state]
       )
     end
 
     unless VALID_RESPONSE_TYPES.include?(params[:response_type])
-      return redirect_to @client.redirect_uri_path(
+      return redirect_to @client.redirect_url(
         error: :unsupported_response_type,
         state: params[:state]
       )
@@ -27,14 +27,14 @@ class OauthsController < ApplicationController
     }
   end
 
-  def create
-    return render_error(:bad_request) if session[:oauth].nil?
+  def create(oauth = session[:oauth])
+    return render_error(:bad_request) if oauth.nil?
 
-    client = Client.find_by!(uuid: session[:oauth][:client_id])
-    redirect_to client.redirect_uri_for(
-      client.authorizations.create!(user: current_user),
-      session[:oauth][:response_type],
-      session[:oauth][:state]
+    client = Client.find_by!(uuid: oauth[:client_id])
+    redirect_to client.redirect_url_for(
+      current_user,
+      oauth[:response_type],
+      oauth[:state]
     )
   end
 end
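Review bot: The pending request in `session[:oauth]` is never consumed by `create`, so as far as these lines show a repeated POST to /oauth (browser re-submit, or a replay of the same session cookie) mints a fresh authorization and redirects with a new code or token each time; the commit moves the creation into the model but does not change that. Making the session entry single-use would close this: replace the parameter with `oauth = session.delete(:oauth)` as the first line of the body, keeping `return render_error(:bad_request) if oauth.nil?` as is. Giving a controller action an optional parameter is also unusual, since Rails dispatches actions without arguments, so the default `session[:oauth]` is only ever reached through that path and reads as if callers could inject a different request; a local or a private reader expresses the intent better. A short comment on the action stating that the request data comes from the session written by `new`, and is discarded once used, would help the next reader.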
app/models/client.rb
@@ -27,14 +27,15 @@ class Client < ApplicationRecord
     uuid
   end
 
-  def redirect_uri_for(authorization, response_type, state)
+  def redirect_url_for(user, response_type, state)
+    authorization = authorizations.create!(user: user)
     if response_type == 'code'
-      redirect_uri_path(code: authorization.code, state: state)
+      redirect_url(code: authorization.code, state: state)
     elsif response_type == 'token'
       access_token, = authorization.issue_tokens_to(
         self, token_types: [:access]
       )
-      redirect_uri_path(
+      redirect_url(
         access_token: access_token.to_jwt,
         token_type: 'Bearer',
         expires_in: 5.minutes.to_i,
@@ -42,11 +43,11 @@ class Client < ApplicationRecord
         state: state
       )
     else
-      redirect_uri_path(error: 'unsupported_response_type', state: state)
+      redirect_url(error: 'unsupported_response_type', state: state)
     end
   end
 
-  def redirect_uri_path(fragments = {})
+  def redirect_url(fragments = {})
     "#{redirect_uri}#" + fragments.map do |(key, value)|
       "#{key}=#{value}" if value.present?
     end.compact.join("&")
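Review bot: In `redirect_url_for` the authorization row is now persisted by `authorizations.create!(user: user)` before `response_type` is checked, so the `else` branch returns an `unsupported_response_type` error while leaving a live authorization for that user behind; it is the same ordering the old controller code had, but now the model method writes on every call regardless of outcome. Moving the guard first keeps the error path side-effect free: `return redirect_url(error: 'unsupported_response_type', state: state) unless %w[code token].include?(response_type)` before the `create!`, with the `else` branch then dropped. Separately, `redirect_url` interpolates each value into the fragment as `"#{key}=#{value}"` without percent-encoding, and `state` is echoed from the client's request, so a value containing `&` or `#` produces a fragment the client cannot parse back reliably; encoding the value, e.g. with `ERB::Util.url_encode`, avoids that. The body of `redirect_url` continues past the end of the hunk.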
spec/requests/oauth_spec.rb
@@ -61,7 +61,7 @@ RSpec.describe '/oauth' do
             post "/oauth"
           end
 
-          specify { expect(response).to redirect_to(client.redirect_uri_path(code: Authorization.last.code, state: state)) }
+          specify { expect(response).to redirect_to(client.redirect_url(code: Authorization.last.code, state: state)) }
         end
 
         context "when the client requested a token" do