Git Product home page Git Product logo

Comments (2)

m0n9oose avatar m0n9oose commented on May 27, 2024

But unless params[options.response_type] condition is incorrect if

It looks like it should be executed only if option :response_type is set to code

I'd say we can go with 2nd option, but it's worth to consider extracting check to separate method or at least local variable to make this check a bit more clear, like

valid_code = params.key?('code') && options.response_type == 'code'
return fail!(
  :missing_code,
  OmniAuth::OpenIDConnect::MissingCodeError.new(params['error'])
) unless valid_code

from omniauth_openid_connect.

januszm avatar januszm commented on May 27, 2024

Sure, to keep it simple we can add support for id_token first, like:

return fail!(:missing_code, OmniAuth::OpenIDConnect::MissingCodeError.new(params['error'])) unless valid_code?
return fail!(:missing_id_token, OmniAuth::OpenIDConnect::MissingIdTokenError.new(params['error'])) unless valid_id_token?

def valid_code?
  options.response_type == 'code' ? params.key?('code') : true
end
def valid_id_token?
  options.response_type == 'id_token' ? params.key('id_token') : true
end

but that would be a terrible code duplication, so later on we might want to support all possible grant types like this:

SUPPORTED_GRANT_TYPES = %w[code id_token token].freeze

# e.g. for `id_token token`, it is valid if:
(SUPPORTED_GRANT_TYPES & params.keys).sort.join(' ') == options.response_type

or

# the below would mean we implement some kind of errors array
# and return with fail! from the main callback_phase method if there's at least one
options.response_type.split(' ').each do |grant_type|
  unless params.key?(grant_type) && SUPPORTED_GRANT_TYPES.include?(grant_type)
    error_class = "OmniAuth::OpenIDConnect::Missing#{grant_type.classify}Error".constantize
    errors << { :"missing_#{grant_type}" => error_class.new(params['error']) }
  end
end

from omniauth_openid_connect.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.