Module: Doorkeeper::OpenidConnect::Helpers::Controller
- Includes:
- ErrorResponse, MaxAge, Prompt, TokenMatching
- Defined in:
- lib/doorkeeper/openid_connect/helpers/controller.rb,
lib/doorkeeper/openid_connect/helpers/controller/prompt.rb,
lib/doorkeeper/openid_connect/helpers/controller/max_age.rb,
lib/doorkeeper/openid_connect/helpers/controller/error_response.rb,
lib/doorkeeper/openid_connect/helpers/controller/token_matching.rb
Defined Under Namespace
Modules: ErrorResponse, MaxAge, Prompt, TokenMatching
Class Method Summary collapse
-
.reset_auth_time_deprecation_warning! ⇒ Object
Reset the deprecation flag (test helper).
- .warn_auth_time_from_resource_owner_deprecation ⇒ Object
Class Method Details
.reset_auth_time_deprecation_warning! ⇒ Object
Reset the deprecation flag (test helper).
31 32 33 |
# File 'lib/doorkeeper/openid_connect/helpers/controller.rb', line 31 def self.reset_auth_time_deprecation_warning! @auth_time_from_resource_owner_deprecation_warned = false end |
.warn_auth_time_from_resource_owner_deprecation ⇒ Object
16 17 18 19 20 21 22 23 24 25 26 27 28 |
# File 'lib/doorkeeper/openid_connect/helpers/controller.rb', line 16 def self.warn_auth_time_from_resource_owner_deprecation return if @auth_time_from_resource_owner_deprecation_warned @auth_time_from_resource_owner_deprecation_warned = true warn "DEPRECATION WARNING: `auth_time_from_resource_owner` is deprecated for " \ "`max_age` enforcement because it cannot distinguish between concurrent " \ "sessions of the same user, which is a security issue (see " \ "https://github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/150). " \ "Please configure `auth_time_from_session` to derive auth_time from the " \ "current session instead. The `auth_time_from_resource_owner` callback " \ "continues to be used as a fallback and for the `auth_time` claim on the " \ "ID Token." end |