swagger:route PUT /admin/oauth2/auth/requests/consent/accept oAuth2 acceptOAuth2ConsentRequest # Accept OAuth 2.0 Consent Request When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory about it. If
(w http.ResponseWriter, r *http.Request)
| 723 | // Extensions: |
| 724 | // x-ory-ratelimit-bucket: hydra-admin-low |
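func (h *Handler) acceptOAuth2ConsentRequest(w http.ResponseWriter, r *http.Request) {
	// Admin handler that accepts a consent request: it reads the challenge from
	// the query string, decodes the JSON body into the accept payload, applies
	// it to the flow and answers with a redirect URL that carries a
	// consent_verifier query parameter.
	//
	// err is handed by pointer to the deferred otelx.End call, so every failure
	// path below assigns to this variable with `=`. An `if err := ...` would
	// declare a shadow and the span would presumably end without the error.
	var err error
	ctx, span := h.r.Tracer(r.Context()).Tracer().Start(r.Context(), "consent.acceptOAuth2ConsentRequest")
	defer otelx.End(span, &err)

	// "consent_challenge" wins when both parameters are present; "challenge" is
	// only the fallback.
	challenge := cmp.Or(
		r.URL.Query().Get("consent_challenge"),
		r.URL.Query().Get("challenge"),
	)
	if challenge == "" {
		err = errors.WithStack(fosite.ErrInvalidRequest.WithHint(`Query parameter 'challenge' is not defined but should have been.`))
		h.r.Writer().WriteError(w, r, err)
		return
	}

	// NOTE(review): the body is decoded with no size cap and unknown fields are
	// accepted; confirm a request-size limit is enforced in front of this
	// handler (middleware or proxy).
	var payload flow.AcceptOAuth2ConsentRequest
	if err = json.NewDecoder(r.Body).Decode(&payload); err != nil {
		h.r.Writer().WriteErrorCode(w, r, http.StatusBadRequest, errors.WithStack(err))
		return
	}

	// The challenge is caller-supplied. Everything read from f below relies on
	// this call rejecting a challenge it cannot decode.
	// NOTE(review): confirm the integrity check lives in DecodeFromConsentChallenge.
	f, err := flow.DecodeFromConsentChallenge(ctx, h.r, challenge)
	if err != nil {
		h.r.Writer().WriteError(w, r, errors.WithStack(err))
		return
	}

	if err = f.HandleConsentRequest(&payload); err != nil {
		h.r.Writer().WriteError(w, r, errors.WithStack(err))
		return
	}

	// The redirect target is built from the request URL stored in the flow, not
	// from anything in this HTTP request.
	ru, err := url.Parse(f.RequestURL)
	if err != nil {
		h.r.Writer().WriteError(w, r, err)
		return
	}

	verifier, err := f.ToConsentVerifier(ctx, h.r)
	if err != nil {
		h.r.Writer().WriteError(w, r, err)
		return
	}

	// The ConsentAccepted event is emitted only once the verifier exists, so
	// failed attempts never show up as accepted.
	events.Trace(ctx, events.ConsentAccepted, events.WithClientID(f.Client.GetID()), events.WithSubject(f.Subject))
	h.r.Writer().Write(w, r, &flow.OAuth2RedirectTo{
		RedirectTo: urlx.SetQuery(ru, url.Values{"consent_verifier": {verifier}}).String(),
	})
}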
| 773 | |
| 774 | // Reject OAuth 2.0 Consent Request |
| 775 | // |
nothing calls this directly
no test coverage detected