Class: OmniAuth::Strategies::Gov

Inherits:
OAuth2
  • Object
Defined in:
lib/omniauth/strategies/gov.rb

Instance Method Summary collapse

Instance Method Details

#authorize_params ⇒ Object

rubocop:disable Metrics/AbcSize, Metrics/MethodLength



# File 'lib/omniauth/strategies/gov.rb', line 62

# Builds the query parameters for the authorization request and records in
# the session the values the callback phase needs.
#
# @return [Hash] `options.authorize_params` merged with
#   `options_for("authorize")` and `pkce_authorize_params`
def authorize_params # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
  base = options.authorize_params

  # Fresh per-request value (24 random bytes, hex-encoded); it is also saved
  # in the session below.
  base[:state] = SecureRandom.hex(24)
  base[:client_id] = options[:client_id]
  base[:scope] = options[:scope]
  base[:response_type] = 'code'

  # 12 hex characters (48 bits) of randomness.
  # NOTE(review): the nonce is sent but not saved anywhere in this method, so
  # the `nonce` claim of the returned ID token cannot be compared against it
  # later unless it is persisted elsewhere — confirm.
  base[:nonce] = SecureRandom.hex.slice(0, 12)

  merged = base.merge(options_for("authorize"))
  merged = merged.merge(pkce_authorize_params)

  # Session writes happen only after the merge, as in the original ordering.
  if options.pkce
    session["omniauth.pkce.verifier"] = options.pkce_verifier
  end
  session["omniauth.state"] = merged[:state]

  merged
end

#build_access_token ⇒ Object



# File 'lib/omniauth/strategies/gov.rb', line 121

# Exchanges the authorization code from the callback request for a token.
#
# The request carries the code, the callback URL, the PKCE verifier read from
# the session, and an HTTP Basic credential built from the client id and
# client secret.
#
# NOTE(review): the PKCE verifier is read from the session but not removed
# here; consider deleting it once it has been used.
# NOTE(review): confirm that the installed oauth2 gem applies the third
# argument of `get_token` as HTTP headers; the hash below contains the
# client secret, so it should not end up stored or logged anywhere else.
#
# @return [Object] whatever `client.auth_code.get_token` returns
def build_access_token
  # The value is the authorization code (the original local was named
  # `verifier`, which it is not).
  auth_code = request.params["code"]
  code_strategy = client.auth_code

  token_params = {
    grant_type: "authorization_code",
    code: auth_code,
    redirect_uri: callback_url,
    code_verifier: session["omniauth.pkce.verifier"]
  }

  basic_credential = Base64.strict_encode64(options.client_id + ":" + options.client_secret)
  header_opts = {
    "Content-Type" => "application/x-www-form-urlencoded",
    "Authorization" => "Basic #{basic_credential}"
  }

  code_strategy.get_token(auth_code, token_params, header_opts)
end

#callback_url ⇒ Object



# File 'lib/omniauth/strategies/gov.rb', line 78

# Builds the callback URL from the configured `OmniAuth.config.full_host`
# and `options.callback_path`, then normalizes it.
#
# The host comes from configuration, not from the incoming request.
# NOTE(review): `+` needs `full_host` to be a String, so this raises when it
# is unset; `normalize_url` returns nil for an unparsable URL, which would
# pass through as the redirect URI — confirm callers handle both.
#
# @return [String, nil] the normalized callback URL
def callback_url
  normalize_url(OmniAuth.config.full_host + options.callback_path)
end

#client ⇒ Object



# File 'lib/omniauth/strategies/gov.rb', line 42

# Returns an OAuth2 client configured to use `GovBr::ParamsEncoder` for
# request parameters.
#
# `options.client_options` is modified in place on every call, and a new
# client object is built each time (nothing is memoized here).
#
# @return [::OAuth2::Client]
def client
  encoder_opts = { connection_opts: { request: { params_encoder: GovBr::ParamsEncoder } } }
  options.client_options.merge!(encoder_opts)

  ::OAuth2::Client.new(
    options.client_id,
    options.client_secret,
    deep_symbolize(options.client_options)
  )
end

#normalize_url(url, force_https: true, strip_trailing_slash: true) ⇒ Object



# File 'lib/omniauth/strategies/gov.rb', line 84

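# Normalizes a URL so that the same address always serializes the same way.
#
# Steps, in order: trim surrounding whitespace, prepend "http://" when the
# input has no http(s) scheme, optionally force the scheme to https,
# downcase the host, collapse repeated slashes in the path, optionally drop
# a trailing slash, and de-duplicate and sort the query pairs.
#
# @param url [String] the URL to normalize
# @param force_https [Boolean] replace the scheme with "https" when true
# @param strip_trailing_slash [Boolean] remove a trailing "/" from any path
#   other than the root "/"
# @return [String, nil] the normalized URL, or nil when `URI.parse` rejects
#   the input
def normalize_url(url, force_https: true, strip_trailing_slash: true)
  url = url.strip

  # Add a scheme when none is present. The check is anchored with \A (start
  # of the string) rather than ^ (start of any line), so only a scheme at the
  # very beginning of the input counts.
  url = "http://#{url}" unless url.match?(%r{\Ahttps?://}i)

  begin
    uri = URI.parse(url)

    # Force HTTPS when enabled; otherwise keep the parsed scheme.
    uri.scheme = force_https ? "https" : (uri.scheme || "http")

    # Normalize the host.
    uri.host = uri.host.downcase if uri.host

    # Normalize the path.
    if uri.path
      # Collapse runs of "/" into a single "/".
      uri.path = uri.path.gsub(%r{/+}, "/")
      # Drop the trailing slash when configured, except for the root "/".
      if strip_trailing_slash && uri.path != "/" && uri.path.end_with?("/")
        uri.path = uri.path.chomp("/")
      end
    end

    # De-duplicate and sort the query pairs, if there are any.
    if uri.query
      query_params = URI.decode_www_form(uri.query).uniq.sort
      uri.query = URI.encode_www_form(query_params)
    end

    uri.to_s
  rescue URI::InvalidURIError
    nil
  end
end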

#prune!(hash) ⇒ Object



# File 'lib/omniauth/strategies/gov.rb', line 55

# Recursively removes entries whose value is nil or empty, modifying the
# hash in place. Nested hashes are pruned first, so a nested hash that ends
# up empty is removed as well.
#
# @param hash [Hash] the hash to prune (mutated)
# @return [Hash] the same hash object
def prune!(hash)
  hash.delete_if do |_key, entry|
    prune!(entry) if entry.is_a?(Hash)
    next true if entry.nil?

    entry.respond_to?(:empty?) && entry.empty?
  end
end

#raw_info ⇒ Object



# File 'lib/omniauth/strategies/gov.rb', line 51

# Returns the payload of the ID token found in `credentials["id_token"]`,
# memoized in `@raw_info`.
#
# The token is decoded with no key and with verification switched off
# (`JWT.decode(token, nil, false)`), so neither the signature nor any claim
# is checked by this method.
# NOTE(review): the payload is only as trustworthy as the channel the token
# arrived on; issuer, audience, expiry and nonce should be validated
# somewhere before these claims are relied on — confirm where that happens.
#
# @return [Object] the first element returned by `JWT.decode`
def raw_info
  return @raw_info if @raw_info

  decoded = JWT.decode(credentials["id_token"], nil, false)
  @raw_info = decoded[0]
end

#request_phase ⇒ Object



# File 'lib/omniauth/strategies/gov.rb', line 47

# Redirects the user agent to the provider's authorization URL.
#
# The query starts with `redirect_uri: callback_url`, and `authorize_params`
# is merged over it, so a `:redirect_uri` key in `authorize_params` would
# replace the computed callback URL.
def request_phase
  code_strategy = client.auth_code
  query = { :redirect_uri => callback_url }.merge(authorize_params)
  redirect code_strategy.authorize_url(query)
end