lib/rodauth/features/oauth_implicit_grant.rb in rodauth-oauth-0.10.4 vs lib/rodauth/features/oauth_implicit_grant.rb in rodauth-oauth-1.0.0.pre.beta1

- old
+ new

@@ -1,41 +1,52 @@
 # frozen_string_literal: true
+require "rodauth/oauth"
+
 module Rodauth
   Feature.define(:oauth_implicit_grant, :OauthImplicitGrant) do
     depends :oauth_authorize_base
-    auth_value_method :use_oauth_implicit_grant_type?, false
+    def oauth_grant_types_supported
+      super | %w[implicit]
+    end
-    private
+    def oauth_response_types_supported
+      super | %w[token]
+    end
-    def check_valid_response_type?
-      response_type = param_or_nil("response_type")
-
-      response_type.nil? || response_type == "token" || super
+    def oauth_response_modes_supported
+      super | %w[fragment]
     end
+    private
+
     def do_authorize(response_params = {}, response_mode = param_or_nil("response_mode"))
-      return super unless param("response_type") == "token" && use_oauth_implicit_grant_type?
+      response_type = param("response_type")
+      return super unless response_type == "token" && supported_response_type?(response_type)
       response_mode ||= "fragment"
+
+      redirect_response_error("invalid_request") unless supported_response_mode?(response_mode)
+
       response_params.replace(_do_authorize_token)
       response_params["state"] = param("state") if param_or_nil("state")
       [response_params, response_mode]
     end
     def _do_authorize_token
-      create_params = {
-        oauth_tokens_account_id_column => account_id,
-        oauth_tokens_oauth_application_id_column => oauth_application[oauth_applications_id_column],
-        oauth_tokens_scopes_column => scopes
+      grant_params = {
+        oauth_grants_type_column => "implicit",
+        oauth_grants_oauth_application_id_column => oauth_application[oauth_applications_id_column],
+        oauth_grants_scopes_column => scopes,
+        oauth_grants_account_id_column => account_id
       }
-      oauth_token = generate_oauth_token(create_params, false)
+      oauth_grant = generate_token(grant_params, false)
-      json_access_token_payload(oauth_token)
+      json_access_token_payload(oauth_grant)
     end
     def authorize_response(params, mode)
       return super unless mode == "fragment"
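Review bot: The new `response_mode` guard in `do_authorize` only asks `supported_response_mode?(response_mode)`, which (judging from `oauth_response_modes_supported` being a union with `super`) accepts every mode the base feature advertises; if that base list contains `query`, a request with `response_type=token&response_mode=query` passes the check, and `authorize_response` then hits `return super unless mode == "fragment"`, so the access token would be emitted in the redirect query string rather than the fragment, where it lands in server logs and Referer headers. The OAuth 2.0 Multiple Response Type Encoding Practices spec forbids `query` for any response type that carries a token, so the guard should reject it explicitly regardless of what the base supports: `redirect_response_error("invalid_request") if response_mode == "query" || !supported_response_mode?(response_mode)`. Since the `use_oauth_implicit_grant_type?` opt-in is gone, merely loading the feature now enables the implicit grant (which the OAuth 2.0 Security BCP deprecates), so a one-line comment above `oauth_grant_types_supported` stating that, and that `oauth_response_types_supported` is the hook to disable it, would help deployers. The `Feature.define` block and `authorize_response` continue past the end of this hunk.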
@@ -44,21 +55,11 @@
       params << redirect_url.query if redirect_url.query
       redirect_url.fragment = params.join("&")
       redirect(redirect_url.to_s)
     end
-    def oauth_server_metadata_body(*)
-      super.tap do |data|
-        if use_oauth_implicit_grant_type?
-          data[:response_types_supported] << "token"
-          data[:response_modes_supported] << "fragment"
-          data[:grant_types_supported] << "implicit"
-        end
-      end
-    end
-
     def check_valid_response_type?
-      return true if use_oauth_implicit_grant_type? && param_or_nil("response_type") == "token"
+      return true if param_or_nil("response_type") == "token"
       super
     end
   end
 end
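Review bot: `check_valid_response_type?` now accepts `response_type=token` unconditionally, while the first hunk's `do_authorize` additionally gates the same value on `supported_response_type?(response_type)`; the two guards disagree, so a deployment that overrides `oauth_response_types_supported` to drop `token` would still pass validation here and then fall through `do_authorize`'s `return super` into the base authorize path with a response type it never expected. Mirror the other guard so disabling the response type is enforced in one place: `return true if param_or_nil("response_type") == "token" && supported_response_type?("token")`. This assumes `supported_response_type?` consults `oauth_response_types_supported`, which is not visible in this diff.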