Module: Himari::RackOAuth2Ext

Defined in:

lib/himari/rack_oauth2_ext.rb

Overview

RFC 9207 Authorization Server Issuer Identification, implemented as extensions to rack-oauth2.

rack-oauth2 builds the grant redirect from the response object handed to the authorization endpoint block, but constructs and finishes error redirects internally (Authorize#_call rescues and calls e.finish), so those error objects are out of reach. Instead we teach rack-oauth2 to carry an ‘iss` through both: the issuer is set on the request/response, and the response classes merge it into their protocol_params (the parameters rack-oauth2 places on the redirect). Errors copy it from the request the same way they copy state/redirect_uri.

Defined Under Namespace

Modules: ErrorIssuerParam, IssuerParam, RequestIssuer