Module: Doorkeeper::OpenidConnect::Helpers::Controller

Defined in:
lib/doorkeeper/openid_connect/helpers/controller.rb


Class Method Details

.reset_auth_time_deprecation_warning! ⇒ Object

Resets the flag that records whether the deprecation warning has already been emitted, so the warning can be emitted again (test helper).



# File 'lib/doorkeeper/openid_connect/helpers/controller.rb', line 26

# Clears the "already warned" marker kept on the receiver, so the next call to
# `warn_auth_time_from_resource_owner_deprecation` prints the deprecation
# notice again. Intended for test suites that assert on the warning output.
#
# @return [false] the value stored in the flag
def self.reset_auth_time_deprecation_warning!
  instance_variable_set(:@auth_time_from_resource_owner_deprecation_warned, false)
end

.warn_auth_time_from_resource_owner_deprecation ⇒ Object



# File 'lib/doorkeeper/openid_connect/helpers/controller.rb', line 11

# Prints the `auth_time_from_resource_owner` deprecation notice to the warning
# stream, at most once until the flag is reset.
#
# Security context (as stated in the notice itself): an auth_time taken from
# the resource owner cannot tell concurrent sessions of the same user apart,
# so it is unsuitable for `max_age` enforcement. Operators are pointed at
# `auth_time_from_session`; the resource-owner callback stays in use as a
# fallback and for the `auth_time` claim on the ID Token.
#
# NOTE(review): the flag check and assignment are not synchronized in this
# method, so concurrent first calls could presumably print the notice more
# than once -- confirm if exactly-once output matters.
#
# @return [nil]
def self.warn_auth_time_from_resource_owner_deprecation
  unless @auth_time_from_resource_owner_deprecation_warned
    # Record the emission before printing so later calls short-circuit.
    @auth_time_from_resource_owner_deprecation_warned = true

    notice = "DEPRECATION WARNING: `auth_time_from_resource_owner` is deprecated for " \
             "`max_age` enforcement because it cannot distinguish between concurrent " \
             "sessions of the same user, which is a security issue (see " \
             "https://github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/150). " \
             "Please configure `auth_time_from_session` to derive auth_time from the " \
             "current session instead. The `auth_time_from_resource_owner` callback " \
             "continues to be used as a fallback and for the `auth_time` claim on the " \
             "ID Token."
    warn(notice)
  end
end