Commit eb3794d

mo <mo@mokhan.ca>
2018-10-28 17:06:21
RFC-8414 - Provide Authorization Server Metadata
1 parent 122f2da
Changed files (4)
app/controllers/oauth/metadata_controller.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Oauth
+  class MetadataController < ApplicationController
+    skip_before_action :authenticate!
+
+    def show
+      render formats: :json
+    end
+  end
+end
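Review bot: `skip_before_action :authenticate!` applies to the whole controller, so any action added here later would also be reachable without authentication. The metadata document does need to be public, but `skip_before_action :authenticate!, only: :show` ties the exemption to the one action that requires it. A short comment such as `# Public by design: clients fetch this document before they hold any credentials.` would record why the filter is skipped.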
app/views/oauth/metadata/show.json.jbuilder
@@ -0,0 +1,12 @@
+json.issuer root_url
+json.authorization_endpoint oauth_authorizations_url
+json.token_endpoint oauth_tokens_url
+json.token_endpoint_auth_methods_supported [:client_secret_basic]
+json.token_endpoint_auth_signing_alg_values_supported ['RS256']
+json.userinfo_endpoint ''
+json.jwks_uri ''
+json.registration_endpoint oauth_clients_url
+json.scopes_supported []
+json.response_types_supported Client::RESPONSE_TYPES
+json.service_documentation root_url + 'doc'
+json.ui_locales_supported I18n.available_locales
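Review bot: `userinfo_endpoint` and `jwks_uri` are published as empty strings and `scopes_supported` as an empty array, but RFC 8414 says claims with zero elements must be omitted, and a client that treats `''` as a URL may resolve it against an unrelated base or fail validation. Dropping those three lines until the endpoints exist is safer; the matching expectations in spec/requests/well-known/oauth_spec.rb would then become `expect(json).not_to have_key(:jwks_uri)` and similar. `token_endpoint_auth_signing_alg_values_supported` only has meaning for the JWT-based client authentication methods, so advertising `RS256` beside `client_secret_basic` alone, with no JWKS published, looks inconsistent. Separately, `root_url` and the other `*_url` helpers are presumably built from the request's Host header unless a fixed host is configured elsewhere. If so, a spoofed Host header, or a cache in front of the app, could yield a document that points clients at another origin, so `issuer` is better taken from a configured value.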
config/routes.rb
@@ -51,5 +51,6 @@ Rails.application.routes.draw do
       match 'Bulk', to: lambda { |env| [501, {}, ['']] }, via: [:post]
     end
   end
+  get "/.well-known/oauth-authorization-server", to: "oauth/metadata#show"
   root to: "sessions#new"
 end
spec/requests/well-known/oauth_spec.rb
@@ -0,0 +1,23 @@
+require 'rails_helper'
+
+RSpec.describe "/.well-known/oauth-authorization-server" do
+  describe "GET /.well-known/oauth-authorization-server" do
+    let(:json) { JSON.parse(response.body, symbolize_names: true) }
+    before { get "/.well-known/oauth-authorization-server" }
+
+    specify { expect(response).to have_http_status(:ok) }
+    specify { expect(response.content_type).to eql("application/json") }
+    specify { expect(json[:issuer]).to eql(root_url) }
+    specify { expect(json[:authorization_endpoint]).to eql(oauth_authorizations_url) }
+    specify { expect(json[:token_endpoint]).to eql(oauth_tokens_url) }
+    specify { expect(json[:token_endpoint_auth_methods_supported]).to match_array(['client_secret_basic']) }
+    specify { expect(json[:token_endpoint_auth_signing_alg_values_supported]).to match_array(['RS256']) }
+    specify { expect(json[:userinfo_endpoint]).to eql('') }
+    specify { expect(json[:jwks_uri]).to eql('') }
+    specify { expect(json[:registration_endpoint]).to eql(oauth_clients_url) }
+    specify { expect(json[:scopes_supported]).to match_array([]) }
+    specify { expect(json[:response_types_supported]).to match_array(Client::RESPONSE_TYPES) }
+    specify { expect(json[:service_documentation]).to eql(root_url + 'doc') }
+    specify { expect(json[:ui_locales_supported]).to eql(I18n.available_locales.map(&:to_s)) }
+  end
+end