Sha256: 5d39aed9027dc5091cf970cd4d810def5a7a3491aa38aa157b78f1fe1853970e
Contents?: true
Size: 1.39 KB
Versions: 3
Compression:
Stored size: 1.39 KB
Contents
# frozen_string_literal: true
require "uri"
class RedirectUriValidator < ActiveModel::EachValidator
def self.native_redirect_uri
Doorkeeper.configuration.native_redirect_uri
end
def validate_each(record, attribute, value)
if value.blank?
return if Doorkeeper.configuration.allow_blank_redirect_uri?(record)
record.errors.add(attribute, :blank)
else
value.split.each do |val|
uri = ::URI.parse(val)
next if native_redirect_uri?(uri)
record.errors.add(attribute, :forbidden_uri) if forbidden_uri?(uri)
record.errors.add(attribute, :fragment_present) unless uri.fragment.nil?
record.errors.add(attribute, :relative_uri) if uri.scheme.nil? || uri.host.nil?
record.errors.add(attribute, :secured_uri) if invalid_ssl_uri?(uri)
end
end
rescue URI::InvalidURIError
record.errors.add(attribute, :invalid_uri)
end
private
def native_redirect_uri?(uri)
self.class.native_redirect_uri.present? && uri.to_s == self.class.native_redirect_uri.to_s
end
def forbidden_uri?(uri)
Doorkeeper.configuration.forbid_redirect_uri.call(uri)
end
def invalid_ssl_uri?(uri)
forces_ssl = Doorkeeper.configuration.force_ssl_in_redirect_uri
non_https = uri.try(:scheme) == "http"
if forces_ssl.respond_to?(:call)
forces_ssl.call(uri) && non_https
else
forces_ssl && non_https
end
end
end
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| doorkeeper-5.1.2 | app/validators/redirect_uri_validator.rb |
| doorkeeper-5.1.1 | app/validators/redirect_uri_validator.rb |
| doorkeeper-5.1.0 | app/validators/redirect_uri_validator.rb |