Class: Doorkeeper::RedirectUriValidator

Inherits:
ActiveModel::EachValidator
  • Object
show all
Defined in:
lib/doorkeeper/orm/active_record/redirect_uri_validator.rb

Overview

ActiveModel validator for redirect URI validation in according to OAuth standards and Doorkeeper configuration.

Instance Method Summary collapse

Instance Method Details

#validate_each(record, attribute, value) ⇒ Object



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
# File 'lib/doorkeeper/orm/active_record/redirect_uri_validator.rb', line 9

def validate_each(record, attribute, value)
  if value.blank?
    return if Doorkeeper.config.allow_blank_redirect_uri?(record)

    record.errors.add(attribute, :blank)
  else
    value.split.each do |val|
      next if oob_redirect_uri?(val)

      uri = ::URI.parse(val)
      record.errors.add(attribute, :forbidden_uri) if forbidden_uri?(uri)
      record.errors.add(attribute, :fragment_present) unless uri.fragment.nil?
      record.errors.add(attribute, :unspecified_scheme) if unspecified_scheme?(uri)
      record.errors.add(attribute, :relative_uri) if relative_uri?(uri)
      record.errors.add(attribute, :secured_uri) if invalid_ssl_uri?(uri)
      record.errors.add(attribute, :invalid_uri) if unspecified_host?(uri)
    end
  end
rescue URI::InvalidURIError
  record.errors.add(attribute, :invalid_uri)
end