Class: UserApiKeyClientsController

Inherits:
ApplicationController
Defined in:
app/controllers/user_api_key_clients_controller.rb

Constant Summary

Constants inherited from ApplicationController

ApplicationController::CHALLENGE_KEY, ApplicationController::HONEYPOT_KEY, ApplicationController::LEGACY_NO_THEMES, ApplicationController::LEGACY_NO_UNOFFICIAL_PLUGINS, ApplicationController::NO_PLUGINS, ApplicationController::NO_THEMES, ApplicationController::NO_UNOFFICIAL_PLUGINS, ApplicationController::SAFE_MODE

Constants included from CanonicalURL::ControllerExtensions

CanonicalURL::ControllerExtensions::ALLOWED_CANONICAL_PARAMS

Instance Attribute Summary

Attributes inherited from ApplicationController

#theme_id

Instance Method Summary

Methods inherited from ApplicationController

#application_layout, #can_cache_content?, #clear_notifications, #conditionally_allow_site_embedding, #current_homepage, #discourse_expires_in, #dont_cache_page, #ember_cli_required?, #fetch_user_from_params, #guardian, #handle_permalink, #handle_theme, #handle_unverified_request, #has_escaped_fragment?, #immutable_for, #login_method, #no_cookies, #perform_refresh_session, #post_ids_including_replies, #preload_json, #rate_limit_second_factor!, #redirect_with_client_support, #render_json_dump, #render_serialized, requires_plugin, #rescue_discourse_actions, #resolve_safe_mode, #secure_session, #serialize_data, #set_current_user_for_logs, #set_layout, #set_mobile_view, #set_mp_snapshot_fields, #show_browser_update?, #store_preloaded, #use_crawler_layout?, #with_resolved_locale

Methods included from VaryHeader

#ensure_vary_header

Methods included from ThemeResolver

resolve_theme_id

Methods included from ReadOnlyMixin

#add_readonly_header, #allowed_in_staff_writes_only_mode?, #block_if_readonly_mode, #check_readonly_mode, #get_or_check_readonly_mode, #get_or_check_staff_writes_only_mode, included, #staff_writes_only_mode?

Methods included from Hijack

#hijack

Methods included from GlobalPath

#cdn_path, #cdn_relative_path, #full_cdn_url, #path, #upload_cdn_path

Methods included from JsonError

#create_errors_json

Methods included from CanonicalURL::ControllerExtensions

#canonical_url, #default_canonical, included

Methods included from CurrentUser

#clear_current_user, #current_user, has_auth_cookie?, #is_api?, #is_user_api?, #log_off_user, #log_on_user, lookup_from_env, #refresh_session

Instance Method Details

#create ⇒ Object



# File 'app/controllers/user_api_key_clients_controller.rb', line 14

# Registers a new user-API-key client.
#
# The request-level guards run first, in order: the per-IP rate limit,
# presence of the required params (which also populates @scopes), scope
# and public-key validation, and the duplicate client_id check. Each guard
# raises on failure, so nothing below them runs for a rejected request.
#
# The client row and its scope rows are written in one transaction, so a
# failing scope insert rolls the client back as well. save! raises on a
# validation failure rather than returning false, which makes the
# failed_json branch a defensive fallback rather than a normal path.
def create
  rate_limit
  require_params
  validate_params
  ensure_new_client

  client =
    UserApiKeyClient.new(
      client_id: params[:client_id],
      application_name: params[:application_name],
      public_key: params[:public_key],
      auth_redirect: params[:auth_redirect],
    )

  ActiveRecord::Base.transaction do
    client.save!
    # @scopes was set by require_params and checked against the allowed
    # set by validate_params before we get here.
    @scopes.each { |name| client.scopes.create!(name: name) }
  end

  render json: (client.persisted? ? success_json : failed_json)
end

#ensure_new_client ⇒ Object



# File 'app/controllers/user_api_key_clients_controller.rb', line 51

# Rejects the registration when a client with the requested client_id
# already exists, so an existing client's key, name and redirect cannot be
# replaced by a later request. Raises Discourse::InvalidAccess in that case.
def ensure_new_client
  already_registered = UserApiKeyClient.exists?(client_id: params[:client_id])
  raise Discourse::InvalidAccess if already_registered
end

#rate_limit ⇒ Object



# File 'app/controllers/user_api_key_clients_controller.rb', line 37

# Throttles client registration per source IP: the limiter is keyed on
# request.remote_ip with a budget that reads as one call per 24 hours, and
# performed! raises once that budget is used up. Because the key is the
# remote address rather than a user, callers behind a shared proxy or NAT
# share one budget, and the value of remote_ip depends on the app's
# trusted-proxy configuration.
def rate_limit
  limiter_key = "user-api-key-clients-#{request.remote_ip}"
  RateLimiter.new(nil, limiter_key, 1, 24.hours).performed!
end

#require_params ⇒ Object



# File 'app/controllers/user_api_key_clients_controller.rb', line 41

# Ensures every registration parameter is present (params.require raises
# when one is missing) and splits the comma-separated scopes param into
# @scopes for the later validation and scope-row creation. Entries are
# taken verbatim: no trimming, so a scope written with surrounding
# whitespace will not match an allowed scope name.
def require_params
  required = %i[client_id application_name public_key auth_redirect scopes]
  required.each { |name| params.require(name) }
  @scopes = params[:scopes].split(",")
end

#show ⇒ Object



# File 'app/controllers/user_api_key_clients_controller.rb', line 7

# Answers 200 with no body when a client with the given client_id is
# registered and has an auth_redirect set; any other case raises
# Discourse::InvalidParameters. No client data is returned, only the
# existence signal.
def show
  params.require(:client_id)
  client = UserApiKeyClient.find_by(client_id: params[:client_id])
  raise Discourse::InvalidParameters unless client&.auth_redirect.present?
  head :ok
end

#validate_params ⇒ Object



# File 'app/controllers/user_api_key_clients_controller.rb', line 46

# Checks the two pieces of caller-supplied input that must not reach the
# database unvalidated. Every requested scope (@scopes, set by
# require_params) has to be in UserApiKeyClientScope.allowed, otherwise
# Discourse::InvalidAccess is raised. The public key is then parsed with
# OpenSSL purely as a validity check: the parsed key is discarded and an
# unparsable value surfaces as an OpenSSL error rather than a Discourse
# exception. No minimum key size is enforced here.
def validate_params
  requested = Set.new(@scopes)
  raise Discourse::InvalidAccess unless UserApiKeyClientScope.allowed.superset?(requested)

  OpenSSL::PKey::RSA.new(params[:public_key])
end