MCPcopy
hub / github.com/ory/hydra / rejectOAuth2LoginRequest

Method rejectOAuth2LoginRequest

consent/handler.go:549–600  ·  view source on GitHub ↗

swagger:route PUT /admin/oauth2/auth/requests/login/reject oAuth2 rejectOAuth2LoginRequest # Reject OAuth 2.0 Login Request When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service abou

(w http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

547// Extensions:
548// x-ory-ratelimit-bucket: hydra-admin-low
549func (h *Handler) rejectOAuth2LoginRequest(w http.ResponseWriter, r *http.Request) {
550 var err error
551 ctx, span := h.r.Tracer(r.Context()).Tracer().Start(r.Context(), "consent.rejectOAuth2LoginRequest")
552 defer otelx.End(span, &err)
553
554 challenge := cmp.Or(
555 r.URL.Query().Get("login_challenge"),
556 r.URL.Query().Get("challenge"),
557 )
558
559 if challenge == "" {
560 h.r.Writer().WriteError(w, r, errors.WithStack(fosite.ErrInvalidRequest.WithHint(`Query parameter 'challenge' is not defined but should have been.`)))
561 return
562 }
563
564 var payload flow.RequestDeniedError
565 if err := json.NewDecoder(r.Body).Decode(&payload); err != nil {
566 h.r.Writer().WriteError(w, r, errors.WithStack(fosite.ErrInvalidRequest.WithWrap(err).WithHintf("Unable to decode body because: %s", err)))
567 return
568 }
569
570 payload.Valid = true
571 payload.SetDefaults(flow.LoginRequestDeniedErrorName)
572 f, err := flow.DecodeFromLoginChallenge(ctx, h.r, challenge)
573 if err != nil {
574 h.r.Writer().WriteError(w, r, err)
575 return
576 }
577
578 if err := f.HandleLoginError(&payload); err != nil {
579 h.r.Writer().WriteError(w, r, errors.WithStack(err))
580 return
581 }
582
583 verifier, err := f.ToLoginVerifier(ctx, h.r)
584 if err != nil {
585 h.r.Writer().WriteError(w, r, err)
586 return
587 }
588
589 ru, err := url.Parse(f.RequestURL)
590 if err != nil {
591 h.r.Writer().WriteError(w, r, err)
592 return
593 }
594
595 events.Trace(ctx, events.LoginRejected, events.WithClientID(f.Client.GetID()), events.WithSubject(f.Subject))
596
597 h.r.Writer().Write(w, r, &flow.OAuth2RedirectTo{
598 RedirectTo: urlx.SetQuery(ru, url.Values{"login_verifier": {verifier}}).String(),
599 })
600}
601
602// Get OAuth 2.0 Consent Request
603//

Callers

nothing calls this directly

Calls 15

SetDefaultsMethod · 0.95
DecodeFromLoginChallengeFunction · 0.92
TraceFunction · 0.92
WithClientIDFunction · 0.92
WithSubjectFunction · 0.92
WithHintMethod · 0.80
WithHintfMethod · 0.80
WithWrapMethod · 0.80
HandleLoginErrorMethod · 0.80
ToLoginVerifierMethod · 0.80
TracerMethod · 0.65
GetMethod · 0.65

Tested by

no test coverage detected