9
10
11
12
13
14
15
16
17
18
19
20
21
|
# File 'lib/better_auth/plugins/oauth_provider/middleware/index.rb', line 9
def public_session_middleware(options)
lambda do |ctx|
unless options[:allow_public_client_prelogin] || options[:allowPublicClientPrelogin]
raise APIError.new("BAD_REQUEST")
end
body = OAuthProtocol.stringify_keys(ctx.body || {})
valid = Utils.verify_oauth_query_params(body["oauth_query"], ctx.context.secret)
raise APIError.new("UNAUTHORIZED", body: {error: "invalid_signature"}) unless valid
true
end
end
|