liquid_feedback_frontend
view app/main/oauth2/_authorization.lua @ 1438:d55f506f032b
Order unit list in member admin page
| author | bsw |
|---|---|
| date | Thu Oct 18 11:19:05 2018 +0200 (2018-10-18) |
| parents | 32cc544d5a5b |
| children |
line source
1 local member_id = param.get("member_id", atom.integer)
2 local system_application_id = param.get("system_application_id", atom.integer)
3 local domain = param.get("domain")
4 local session_id = param.get("session_id", atom.integer)
5 local redirect_uri = param.get("redirect_uri")
6 local redirect_uri_explicit = param.get("redirect_uri_explicit", atom.boolean)
7 local scopes = param.get("scopes", "table")
8 local state = param.get("state")
9 local response_type = param.get("response_type")
11 if response_type == "code" then
13 local token = Token:create_authorization(
14 member_id,
15 system_application_id,
16 domain,
17 session_id,
18 redirect_uri,
19 redirect_uri_explicit,
20 scopes,
21 state
22 )
24 request.redirect{
25 external = redirect_uri,
26 params = { code = token.token, state = state }
27 }
30 elseif response_type == "token" then
32 local expiry = db:query({ "SELECT now() + (? || 'sec')::interval AS access", config.oauth2.access_token_lifetime }, "object").access
34 local anchor_params = {
35 state = state,
36 expires_in = config.oauth2.access_token_lifetime,
37 token_type = "bearer"
38 }
40 for i = 0, #scopes do
41 if scopes[i] then
42 local access_token = Token:new()
43 access_token.token_type = "access"
44 access_token.member_id = member_id
45 access_token.system_application_id = system_application_id
46 access_token.domain = domain
47 access_token.session_id = session_id
48 access_token.expiry = expiry
49 access_token.scope = scopes[i]
50 access_token:save()
51 local index = i == 0 and "" or i
52 anchor_params["access_token" .. index] = access_token.token
53 end
54 end
56 local anchor_params_list = {}
57 for k, v in pairs(anchor_params) do
58 anchor_params_list[#anchor_params_list+1] = k .. "=" .. encode.url_part(v)
59 end
60 local anchor = table.concat(anchor_params_list, "&")
62 request.redirect{
63 external = redirect_uri .. "#" .. anchor
64 }
66 else
68 error("Internal error, should not happen")
70 end