liquid_feedback_frontend

diff model/dynamic_application_scope.lua @ 1309:32cc544d5a5b

Cumulative patch for upcoming frontend version 4
author bsw/jbe
date Sun Jul 15 14:07:29 2018 +0200 (2018-07-15)
parents
children
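--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/model/dynamic_application_scope.lua	Sun Jul 15 14:07:29 2018 +0200
@@ -0,0 +1,73 @@
+DynamicApplicationScope = mondelefant.new_class()
+DynamicApplicationScope.table = 'dynamic_application_scope'
+DynamicApplicationScope.primary_key = { "redirect_uri", "flow", "scope" }
+
+function DynamicApplicationScope:by_redirect_uri_and_flow(redirect_uri, flow)
+  local dynamic_application_scopes = self:new_selector()
+    :add_where{ "redirect_uri = ?", redirect_uri }
+    :add_where{ "flow = ?", flow }
+    :add_where("expiry >= now()")
+    :exec()
+  return dynamic_application_scopes
+end
+
+function DynamicApplicationScope:check_scopes(domain, redirect_uri, requested_flow, requested_scopes)
+  local function check_scopes(permitted_scopes)
+    local missing_scope = false
+    for scope in pairs(requested_scopes) do
+      if not permitted_scopes[scope] then
+        missing_scope = true
+      end
+    end
+    return missing_scope
+  end
+
+  local registered = false
+  local missing_scope = false
+
+  local dynamic_application_scopes = DynamicApplicationScope:by_redirect_uri_and_flow(redirect_uri, requested_flow)
+
+  if #dynamic_application_scopes > 0 then
+    registered = true
+    local permitted_scopes = {}
+    for i, dynamic_application_scope in ipairs(dynamic_application_scopes) do
+      permitted_scopes[dynamic_application_scope.scope] = true
+    end
+    missing_scope = check_scopes(permitted_scopes)
+  end
+  
+  if not registered or missing_scope then
+    local output, err, status = config.oauth2.host_func("_liquidfeedback_client." .. domain)
+    if output == nil then
+      error("Cannot execute host_func command")
+    end
+    if status == 0 then
+      for line in string.gmatch(output, "[^\r\n]+") do
+        local flow, result = string.match(line, '"dynamic client v1" "([^"]+)" (.+)$')
+        if flow == requested_flow then
+          registered = true
+          local permitted_scopes = {}
+          local wildcard = false
+          for entry in string.gmatch(result, '"([^"]+)"') do
+            if entry == "*" then
+              wildcard = true
+              break
+            end
+            permitted_scopes[entry] = true
+          end
+          if not wildcard then
+            missing_scope = check_scopes(permitted_scopes)
+          end
+        end
+      end
+    end
+  end
+  
+  if not registered then
+    return "not_registered"
+  elseif missing_scope then
+    return "missing_scope"
+  else
+    return "ok"
+  end
+end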
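Review bot: `domain` is concatenated into the lookup name and handed to `config.oauth2.host_func` in `check_scopes` with no validation visible in this file, and the error text ("Cannot execute host_func command") suggests that function runs an external command. If callers derive `domain` from the client-supplied redirect URI, restrict it to hostname characters before the lookup, e.g. `if not string.match(domain, "^[%w%.%-]+$") then return "not_registered" end`. Nothing in this function ties `domain` to `redirect_uri`, so a doc comment should state that the caller must derive one from the other; otherwise a record published under one domain could vouch for a redirect URI on a different host. Separately, in the wildcard branch `missing_scope` keeps the value set by the earlier database check, so a `"*"` record still returns "missing_scope"; `missing_scope = not wildcard and check_scopes(permitted_scopes)` would clear it.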
