// Ensure the entity variable ent:requests holds a map before any pending
// authorization request is recorded in it (oauth_authorize_render_approve
// writes ent:requests{reqid} on the same "oauth authorize" event).
rule oauth_authorize_initialize_requests {
  select when oauth authorize
  // noop() is only a placeholder action; the rule exists for its postlude.
  if not ent:requests then noop()
  fired {
    // Reached only when the condition above held, so an existing map of
    // pending requests is never overwritten here.
    ent:requests := {}
  }
}
// Reject an authorization request whose client_id does not resolve to a
// registered client. This rule only emits the error directive; the later
// "oauth authorize" rules re-check `client` in their own conditions.
rule oauth_authorize_check_client_id {
  select when oauth authorize
  pre {
    // client_id is taken directly from the event attributes: untrusted input.
    client_id = event:attr("client_id")
    // getClient is defined outside this snippet; a falsy result is treated
    // as "no such client" by the condition below.
    client = getClient(client_id)
  }
  // NOTE(review): the error text echoes the caller-supplied client_id.
  // Whatever renders this directive should escape it before display.
  if not client then
    send_directive("error") with error = "Unknown client " + client_id
}
// Reject an authorization request whose redirect_uri is not one of the URIs
// registered for the client. Unknown clients are left to
// oauth_authorize_check_client_id, hence the `client &&` guard.
rule oauth_authorize_check_redirect_uri {
  select when oauth authorize
  pre {
    client_id = event:attr("client_id")
    client = getClient(client_id)
    // redirect_uri is caller-supplied and untrusted until it passes the
    // membership test below.
    redirect_uri = event:attr("redirect_uri")
  }
  // `><` is a membership test against the registered list. Keep it a
  // whole-value comparison: prefix or substring matching would accept URIs
  // the client never registered.
  if client && not (client{"redirect_uris"} >< redirect_uri) then
    send_directive("error") with error = "Invalid redirect URI"
}
// For a known client and a registered redirect_uri, ask for user approval and
// remember the request under a fresh request id.
rule oauth_authorize_render_approve {
  select when oauth authorize
  pre {
    client_id = event:attr("client_id")
    client = getClient(client_id)
    redirect_uri = event:attr("redirect_uri")
    // Fresh identifier for this pending request. The uuid module is declared
    // outside this snippet.
    reqid = uuid.uuid()
  }
  // Same two checks as the error rules above, inverted: fire only when both
  // the client lookup and the redirect_uri membership test succeed.
  // NOTE(review): the whole client record goes into the directive. If that
  // record carries a client secret (not visible here), confirm the directive
  // is not handed to the user agent unfiltered.
  if client && client{"redirect_uris"} >< redirect_uri then
    send_directive("approve") with
      client = client
      reqid = reqid
  fired {
    // Stores every event attribute, unfiltered, under reqid. Code that later
    // reads ent:requests{reqid} should still treat the values as
    // caller-supplied. Nothing in this rule expires or removes entries.
    ent:requests{reqid} := event:attrs()
  }
}
|
// Pending authorization requests, keyed by the request id that is handed to
// the approval page. Nothing in this handler expires or removes entries.
var requests = {};

/**
 * Authorization endpoint (front channel).
 *
 * Looks up the client named by the `client_id` query parameter and checks
 * that the `redirect_uri` query parameter is one of that client's registered
 * URIs. On success the query is parked under a fresh request id and the
 * approval page is rendered. Otherwise an error page is rendered and nothing
 * is stored. Both parameters are caller-supplied and untrusted.
 */
app.get("/authorize", function(req, res){
  var query = req.query;
  var client = getClient(query.client_id);

  // Guard 1: the client must be registered. The error page does not echo the
  // supplied client_id; only the log line does.
  if (!client) {
    console.log('Unknown client %s', query.client_id);
    res.render('error', {error: 'Unknown client'});
    return;
  }

  // Guard 2: redirect_uri must be an element of the registered list. A
  // missing parameter fails this membership test as well.
  var registeredUris = client.redirect_uris;
  if (!__.contains(registeredUris, query.redirect_uri)) {
    // The log line contains caller-controlled text.
    console.log('Mismatched redirect URI, expected %s got %s', registeredUris, query.redirect_uri);
    res.render('error', {error: 'Invalid redirect URI'});
    return;
  }

  // NOTE(review): reqid is the only handle on the stored request. Confirm
  // that randomstring (imported outside this snippet) draws from a
  // cryptographically strong source and that 8 characters is enough for the
  // deployment.
  var reqid = randomstring.generate(8);
  requests[reqid] = query;
  res.render('approve', {client: client, reqid: reqid});
});
|