Sha256: eb7d58d447333ba0f9e933eebee9367344cc5378bfa8c97b415e50b8bb091aea
Contents?: true
Size: 1.49 KB
Versions: 1
Compression:
Stored size: 1.49 KB
Contents
module Doorkeeper module OpenidConnect module Helpers module Controller private def authenticate_resource_owner! owner = super if validate_prompt_param!(owner) && validate_max_age_param!(owner) owner end end def validate_prompt_param!(owner) prompt_values ||= params[:prompt].to_s.split(/ +/) return true unless prompt_values.include?('none') && !owner # clear the previous response body to avoid a DoubleRenderError self.response_body = nil # FIXME: workaround for Rails 5, see https://github.com/rails/rails/issues/25106 @_response_body = nil error = ::Doorkeeper::OAuth::ErrorResponse.new(name: :login_required) response.headers.merge!(error.headers) render json: error.body, status: error.status false end def validate_max_age_param!(owner) max_age = params[:max_age].to_i return true unless max_age > 0 auth_time = instance_exec owner, &Doorkeeper::OpenidConnect.configuration.auth_time_from_resource_owner if !auth_time || (Time.zone.now - auth_time) > max_age instance_exec owner, &Doorkeeper::OpenidConnect.configuration.reauthenticate_resource_owner false else true end end end end end Helpers::Controller.send :prepend, OpenidConnect::Helpers::Controller end
Version data entries
1 entries across 1 versions & 1 rubygems
Version | Path |
---|---|
doorkeeper-openid_connect-1.1.0 | lib/doorkeeper/openid_connect/helpers/controller.rb |