techhub/mastodon
2
0
Fork 0
Code Activity

Implement RFC 8414 for OAuth 2.0 server metadata (#29191)

Browse Source
This commit is contained in:
Emelia Smith
2024-05-06 15:17:56 +02:00
committed by GitHub
parent 30ef9fccf0
commit 116f01ec7d
5 changed files with 137 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
app/presenters/oauth_metadata_presenter.rb Normal file
View File

@@ -0,0 +1,67 @@
# frozen_string_literal: true
class OauthMetadataPresenter < ActiveModelSerializers::Model
include RoutingHelper
attributes :issuer, :authorization_endpoint, :token_endpoint,
:revocation_endpoint, :scopes_supported,
:response_types_supported, :response_modes_supported,
:grant_types_supported, :token_endpoint_auth_methods_supported,
:service_documentation, :app_registration_endpoint
def issuer
root_url
end
def service_documentation
'https://docs.joinmastodon.org/'
end
def authorization_endpoint
oauth_authorization_url
end
def token_endpoint
oauth_token_url
end
# As the api_v1_apps route doesn't technically conform to the specification
# for OAuth 2.0 Dynamic Client Registration defined in RFC 7591 we use a
# non-standard property for now to indicate the mastodon specific registration
# endpoint. See: https://datatracker.ietf.org/doc/html/rfc7591
def app_registration_endpoint
api_v1_apps_url
end
def revocation_endpoint
oauth_revoke_url
end
def scopes_supported
doorkeeper.scopes
end
def response_types_supported
doorkeeper.authorization_response_types
end
def response_modes_supported
doorkeeper.authorization_response_flows.flat_map(&:response_mode_matches).uniq
end
def grant_types_supported
grant_types_supported = doorkeeper.grant_flows.dup
grant_types_supported << 'refresh_token' if doorkeeper.refresh_token_enabled?
grant_types_supported
end
def token_endpoint_auth_methods_supported
%w(client_secret_basic client_secret_post)
end
private
def doorkeeper
@doorkeeper ||= Doorkeeper.configuration
end
end