Class: AtomicLti::OpenId

Inherits:
Object
  • Object
show all
Defined in:
app/lib/atomic_lti/open_id.rb

Class Method Summary collapse

Class Method Details

.generate_stateObject 



29
30
31
32
33
34
 
# File 'app/lib/atomic_lti/open_id.rb', line 29

def self.generate_state
  nonce = SecureRandom.hex(64)
  state = SecureRandom.hex(32)
  AtomicLti::OpenIdState.create!(nonce: nonce, state: state)
  [nonce, state]
end

.validate_state(nonce, state, destroy_state) ⇒ Object 



3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'app/lib/atomic_lti/open_id.rb', line 3

def self.validate_state(nonce, state, destroy_state)
  if state.blank?
    return false
  end

  open_id_state = AtomicLti::OpenIdState.find_by(state: state)
  if !open_id_state
    return false
  end

  if destroy_state
    open_id_state.destroy
  end

  # Check that the state hasn't expired
  if open_id_state.created_at < 10.minutes.ago
    return false
  end

  if nonce != open_id_state.nonce
    return false
  end

  true
end