
Method authorizeRequestFromPAR

fosite/authorize_request_handler.go:284–328  ·  view source on GitHub ↗
(ctx context.Context, r *http.Request, request *AuthorizeRequest)

Source from the content-addressed store, hash-verified

282}
283
// authorizeRequestFromPAR loads the pushed authorization request (PAR)
// referenced by the "request_uri" form parameter and copies it into request.
//
// It returns (false, nil) when PAR does not apply: f.Config does not implement
// PushedAuthorizeRequestConfigProvider, or request_uri is empty or does not
// start with the configured PAR prefix. It returns (true, nil) once the stored
// session has been merged into request, deleted from storage, and the
// "client_id" form parameter has been matched against the merged client.
// Every failure after the prefix check is reported as (false, err).
//
// r.Form is read directly; this method does not parse the form itself.
func (f *Fosite) authorizeRequestFromPAR(ctx context.Context, r *http.Request, request *AuthorizeRequest) (bool, error) {
	parConfig, supported := f.Config.(PushedAuthorizeRequestConfigProvider)
	if !supported {
		// No PAR-aware config provider means no prefix to match, so PAR cannot be used.
		return false, nil
	}

	requestURI := r.Form.Get("request_uri")
	if requestURI == "" {
		// No request_uri was sent; nothing to do here.
		return false, nil
	}
	if !strings.HasPrefix(requestURI, parConfig.GetPushedAuthorizeRequestURIPrefix(ctx)) {
		// Only URIs carrying the configured prefix are looked up in PAR storage.
		return false, nil
	}

	formClientID := r.Form.Get("client_id")

	parStore, supported := f.Store.(PARStorageProvider)
	if !supported {
		return false, errorsx.WithStack(ErrServerError.WithHint(ErrorPARNotSupported).WithDebug(DebugPARStorageInvalid))
	}

	// Hydrate the requester from the stored PAR session.
	var (
		pushed AuthorizeRequester
		err    error
	)
	pushed, err = parStore.PARStorage().GetPARSession(ctx, requestURI)
	if err != nil {
		// The storage error text is attached as debug detail.
		// NOTE(review): confirm debug details are not returned to clients in production.
		return false, errorsx.WithStack(ErrInvalidRequestURI.WithHint("Invalid PAR session").WithWrap(err).WithDebug(err.Error()))
	}

	// Hydrate the request object. From here on request has been modified, and
	// an error return below leaves those modifications in place.
	request.Merge(pushed)
	request.RedirectURI = pushed.GetRedirectURI()
	request.ResponseTypes = pushed.GetResponseTypes()
	request.State = pushed.GetState()
	request.ResponseMode = pushed.GetResponseMode()

	// The session is deleted before the client_id comparison below, so a
	// request_uri is consumed even when that comparison fails.
	if delErr := parStore.PARStorage().DeletePARSession(ctx, requestURI); delErr != nil {
		return false, errorsx.WithStack(ErrServerError.WithWrap(delErr).WithDebug(delErr.Error()))
	}

	// The client_id on the authorize request must be the one bound to the
	// pushed request.
	// NOTE(review): assumes request.GetClient() is non-nil after Merge; confirm.
	if request.GetClient().GetID() != formClientID {
		return false, errorsx.WithStack(ErrInvalidRequest.WithHint("The 'client_id' must match the one sent in the pushed authorization request."))
	}

	return true, nil
}
329
330func (f *Fosite) NewAuthorizeRequest(ctx context.Context, r *http.Request) (_ AuthorizeRequester, err error) {
331 ctx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("github.com/ory/hydra/v2/fosite").Start(ctx, "Fosite.NewAuthorizeRequest")

Callers 1

newAuthorizeRequestMethod · 0.95

Calls 15

GetRedirectURIMethod · 0.95
GetResponseTypesMethod · 0.95
GetStateMethod · 0.95
GetResponseModeMethod · 0.95
HasPrefixMethod · 0.80
WithDebugMethod · 0.80
WithHintMethod · 0.80
WithWrapMethod · 0.80
GetMethod · 0.65
GetPARSessionMethod · 0.65
PARStorageMethod · 0.65

Tested by

no test coverage detected