
diff app/main/oauth2/validate.lua @ 1309:32cc544d5a5b

Cumulative patch for upcoming frontend version 4
author bsw/jbe
date Sun Jul 15 14:07:29 2018 +0200 (2018-07-15)
parents
children 6077545667ec
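--- /dev/null
+++ b/app/main/oauth2/validate.lua
@@ -0,0 +1,85 @@
+if not request.is_post() then
+  return execute.view { module = "index", view = "405" }
+end
+
+slot.set_layout(nil, "application/json")
+
+local function error_result(error_code, description)
+  local r = json.object()
+  r.error = error_code
+  r.error_description = description
+  slot.put_into("data", json.export(r))
+  request.set_status("400 Bad Request")
+end
+
+local access_token, access_token_err = util.get_access_token()
+
+if access_token_err then
+  if access_token_err == "header_and_param" then
+    return error_result("invalid_request", "Access token passed both via header and param")
+  end
+  error("Error in util.get_access_token")
+end
+
+if not access_token then
+  return error_result("invalid_token", "No access token supplied")  
+end
+
+local token = Token:by_token_type_and_token("access", access_token)
+
+if not token then
+  return error_result("invalid_token", "Access token invalid")  
+end
+
+local scopes = {}
+for scope in string.gmatch(token.scope, "[^ ]+") do
+  local match = string.match(scope, "(.+)_detached$")
+  scopes[match or scope] = true
+end
+local scope_list = {}
+for scope in pairs(scopes) do
+  scope_list[#scope_list+1] = scope
+end
+table.sort(scope_list)
+local scope = table.concat(scope_list, " ")
+
+local r = json.object()
+r.scope = scope
+r.member_id = token.member_id
+if token.member.role then
+  r.member_is_role = true
+end
+if token.session then
+  r.real_member_id = token.session.real_member_id
+end
+
+if param.get("include_member", atom.boolean) then
+  if scopes.identification or scopes.authentication then
+    local member = token.member
+    r.member = json.object{
+      id = member.id,
+      name = member.name,
+    }
+    if token.session and token.session.real_member then
+      r.real_member = json.object{
+        id = token.session.real_member.id,
+        name = token.session.real_member.name,
+      }
+    end
+    if scopes.identification then
+      r.member.identification = member.identification
+      if token.session and token.session.real_member then
+        r.real_member.identification = token.session.real_member.identification
+      end
+    end
+    if param.get("include_member_notify_email", atom.boolean) then
+      r.member.notify_email = member.notify_email
+    end
+  end
+end
+
+r.logged_in = token.session_id and true or false
+slot.put_into("data", json.export(r))
+
+  
+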
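Review bot: `error_result` answers every failure with `400 Bad Request` (line 1.15), but the two `invalid_token` replies on lines 1.28 and 1.34 are bearer-token errors, for which RFC 6750 specifies 401; a status parameter, `local function error_result(error_code, description, status)` with `request.set_status(status or "400 Bad Request")`, would let those two calls pass `"401 Unauthorized"` while `invalid_request` keeps 400. Lines 1.31–1.35 treat any row returned by `Token:by_token_type_and_token` as a valid token; if that lookup does not itself exclude expired or revoked tokens, an expiry check belongs here, before any member data is emitted. Line 1.52 dereferences `token.member.role` without checking that `token.member` is present, so a token whose member record is missing raises a Lua error instead of an `invalid_token` reply. Also worth confirming that `include_member_notify_email` (line 1.78) being gated only by the identification-or-authentication check on line 1.60 matches the intended scope model, since the notification address is then disclosed under the authentication scope as well.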
