liquid_feedback_frontend

diff app/main/oauth2/_authorization.lua @ 1309:32cc544d5a5b

Cumulative patch for upcoming frontend version 4
author bsw/jbe
date Sun Jul 15 14:07:29 2018 +0200 (2018-07-15)
parents
children
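--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/app/main/oauth2/_authorization.lua	Sun Jul 15 14:07:29 2018 +0200
@@ -0,0 +1,70 @@
+local member_id = param.get("member_id", atom.integer)
+local system_application_id = param.get("system_application_id", atom.integer)
+local domain = param.get("domain")
+local session_id = param.get("session_id", atom.integer)
+local redirect_uri = param.get("redirect_uri")
+local redirect_uri_explicit = param.get("redirect_uri_explicit", atom.boolean)
+local scopes = param.get("scopes", "table")
+local state = param.get("state")
+local response_type = param.get("response_type")
+
+if response_type == "code" then
+
+  local token = Token:create_authorization(
+    member_id,
+    system_application_id,
+    domain,
+    session_id,
+    redirect_uri,
+    redirect_uri_explicit,
+    scopes,
+    state
+  )
+
+  request.redirect{ 
+    external = redirect_uri,
+    params = { code = token.token, state = state }
+  }
+
+  
+elseif response_type == "token" then
+  
+  local expiry = db:query({ "SELECT now() + (? || 'sec')::interval AS access", config.oauth2.access_token_lifetime }, "object").access
+
+  local anchor_params = {
+    state = state,
+    expires_in = config.oauth2.access_token_lifetime,
+    token_type = "bearer"
+  }
+  
+  for i = 0, #scopes do
+    if scopes[i] then
+      local access_token = Token:new()
+      access_token.token_type = "access"
+      access_token.member_id = member_id
+      access_token.system_application_id = system_application_id
+      access_token.domain = domain
+      access_token.session_id = session_id
+      access_token.expiry = expiry
+      access_token.scope = scopes[i]
+      access_token:save()
+      local index = i == 0 and "" or i 
+      anchor_params["access_token" .. index] = access_token.token
+    end
+  end
+
+  local anchor_params_list = {}
+  for k, v in pairs(anchor_params) do
+    anchor_params_list[#anchor_params_list+1] = k .. "=" .. encode.url_part(v)
+  end
+  local anchor = table.concat(anchor_params_list, "&")
+
+  request.redirect{ 
+    external = redirect_uri .. "#" .. anchor
+  }
+  
+else
+  
+  error("Internal error, should not happen")
+  
+end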
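Review bot: Both branches redirect to `redirect_uri` carrying a freshly minted authorization code or bearer token, yet nothing in this file checks that `redirect_uri` matches the URI registered for `system_application_id` or that `member_id` is the authenticated member. Presumably the calling view enforces both before invoking this partial, but that precondition should be stated at the top of the file, for example `-- Precondition: caller has authenticated member_id and validated redirect_uri against the registered system application`. In the `response_type == "token"` branch the target is built as `redirect_uri .. "#" .. anchor`, so a `redirect_uri` that already contains a fragment would yield a malformed fragment. A guard such as `if string.find(redirect_uri, "#", 1, true) then error("redirect_uri must not contain a fragment") end` before the concatenation would reject that case explicitly. The fragment also returns one token per scope as `access_token`, `access_token1`, … without a matching `scope` value, so a comment describing that non-standard response shape would help client authors.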
