Class: Himari::Services::ClientRegistrationEndpoint

Inherits:

Object

Object
Himari::Services::ClientRegistrationEndpoint

show all

Defined in:: lib/himari/services/client_registration_endpoint.rb

Overview

RFC 7591 OAuth 2.0 Dynamic Client Registration endpoint. Accepts a JSON client metadata document via POST, persists a Himari::DynamicClientRegistration, and returns the client information response (including a one-time client_secret for confidential clients).

Instance Method Summary collapse

#app ⇒ Object
#call(env) ⇒ Object
#initialize(storage:, registration_lifetime: Himari::DynamicClientRegistration::REGISTRATION_LIFETIME, ignore_localhost_redirect_uri_port: true, logger: nil) ⇒ ClientRegistrationEndpoint constructor

A new instance of ClientRegistrationEndpoint.

Constructor Details

#initialize(storage:, registration_lifetime: Himari::DynamicClientRegistration::REGISTRATION_LIFETIME, ignore_localhost_redirect_uri_port: true, logger: nil) ⇒ `ClientRegistrationEndpoint`

Returns a new instance of ClientRegistrationEndpoint.

Parameters:

storage (Himari::Storages::Base)
registration_lifetime (Integer) (defaults to: Himari::DynamicClientRegistration::REGISTRATION_LIFETIME) —

seconds a registration stays valid
ignore_localhost_redirect_uri_port (Boolean) (defaults to: true) —

relax loopback redirect_uri ports for registered clients (default true; see RFC 8252 §7.3)
logger (Logger, nil) (defaults to: nil)

# File 'lib/himari/services/client_registration_endpoint.rb', line 19

def initialize(storage:, registration_lifetime: Himari::DynamicClientRegistration::REGISTRATION_LIFETIME, ignore_localhost_redirect_uri_port: true, logger: nil)
  @storage = storage
  @registration_lifetime = registration_lifetime
  @ignore_localhost_redirect_uri_port = ignore_localhost_redirect_uri_port
  @logger = logger
end

Instance Method Details

#app ⇒ `Object`



26
27
28

# File 'lib/himari/services/client_registration_endpoint.rb', line 26

def app
  self
end

#call(env) ⇒ `Object`

# File 'lib/himari/services/client_registration_endpoint.rb', line 30

def call(env)
  request = Rack::Request.new(env)
  return error_response(405, :invalid_request, 'method not allowed') unless request.post?

  metadata = parse_body(request)
  return error_response(400, :invalid_client_metadata, 'request body must be a JSON object') unless metadata

  client = Himari::DynamicClientRegistration.register(
    metadata: metadata,
    lifetime: @registration_lifetime,
    ignore_localhost_redirect_uri_port: @ignore_localhost_redirect_uri_port,
    registration_ip: request.ip,
    registration_remote_addr: env['REMOTE_ADDR'],
    registration_x_forwarded_for: env['HTTP_X_FORWARDED_FOR'],
  )
  @storage.put_dynamic_client(client)

  @logger&.info(Himari::LogLine.new('ClientRegistrationEndpoint: registered', req: env['himari.request_as_log'], client: client.as_log))

  json_response(201, client.registration_response)
rescue Himari::DynamicClientRegistration::ValidationError => e
  @logger&.warn(Himari::LogLine.new('ClientRegistrationEndpoint: rejected', req: env['himari.request_as_log'], err: e.error_code, message: e.message))
  error_response(400, e.error_code, e.message)
end