Class: Doorkeeper::OpenidConnect::OAuth::DynamicRegistrationRequest
Constant Summary
collapse
- DEFAULT_TOKEN_ENDPOINT_AUTH_METHOD =
"client_secret_basic"
- PUBLIC_CLIENT_AUTH_METHOD =
"none"
- DEFAULT_APPLICATION_TYPE =
"web"
- SUPPORTED_APPLICATION_TYPES =
%w[web native].freeze
TokenEndpointAuthMethodsSupportedMixin::CLIENT_CREDENTIALS_METHOD_MAPPING
Instance Method Summary
collapse
#grant_types_supported
#token_endpoint_auth_methods_supported
Constructor Details
Returns a new instance of DynamicRegistrationRequest.
22
23
24
25
|
# File 'lib/doorkeeper/openid_connect/oauth/dynamic_registration_request.rb', line 22
def initialize(server, params)
@server = server
@params = params
end
|
Instance Method Details
#confidential_client? ⇒ Boolean
45
46
47
|
# File 'lib/doorkeeper/openid_connect/oauth/dynamic_registration_request.rb', line 45
def confidential_client?
token_endpoint_auth_method != PUBLIC_CLIENT_AUTH_METHOD
end
|
#error_response ⇒ Object
69
70
71
|
# File 'lib/doorkeeper/openid_connect/oauth/dynamic_registration_request.rb', line 69
def error_response
{ error: error.to_s, error_description: @error_description }
end
|
#permitted_scopes ⇒ Object
RFC 7591 §2 lets the authorization server replace or omit requested
scopes. The requested scope is intersected against the server's
configured scopes (default + optional): partially unrecognized
scopes are silently dropped, while a request whose scopes are all
unsupported is rejected via #validate_scope, since persisting an
empty scope set would make Doorkeeper's ScopeChecker fall back to
the full server scope set. Scopes#allowed honors dynamic scopes
and preserves the requested order, but only exists on Doorkeeper
5.8.1+; older versions fall back to plain intersection (dynamic
scopes do not exist there, so nothing is lost).
59
60
61
62
63
64
65
66
67
|
# File 'lib/doorkeeper/openid_connect/oauth/dynamic_registration_request.rb', line 59
def permitted_scopes
server_scopes = server.scopes
if server_scopes.respond_to?(:allowed)
server_scopes.allowed(requested_scopes).to_s
else
(server_scopes & requested_scopes).to_s
end
end
|
#requested_application_type ⇒ Object
31
32
33
|
# File 'lib/doorkeeper/openid_connect/oauth/dynamic_registration_request.rb', line 31
def requested_application_type
@params[:application_type].presence || DEFAULT_APPLICATION_TYPE
end
|
#requested_grant_types ⇒ Object
40
41
42
43
|
# File 'lib/doorkeeper/openid_connect/oauth/dynamic_registration_request.rb', line 40
def requested_grant_types
types = Array(@params[:grant_types]).compact_blank
types.presence || server_grant_types
end
|
#requested_response_types ⇒ Object
35
36
37
38
|
# File 'lib/doorkeeper/openid_connect/oauth/dynamic_registration_request.rb', line 35
def requested_response_types
types = Array(@params[:response_types]).compact_blank
types.presence || server_response_types
end
|
#token_endpoint_auth_method ⇒ Object
27
28
29
|
# File 'lib/doorkeeper/openid_connect/oauth/dynamic_registration_request.rb', line 27
def token_endpoint_auth_method
@params[:token_endpoint_auth_method].presence || DEFAULT_TOKEN_ENDPOINT_AUTH_METHOD
end
|