Add missing files, fix formatting
Some checks failed
Some checks failed
This commit is contained in:
Dan Milne
@@ -422,7 +422,11 @@ class OidcController < ApplicationController
|
||||
|
||||
# Record user consent
|
||||
requested_scopes = oauth_params["scope"].split(" ")
|
||||
parsed_claims = JSON.parse(oauth_params["claims_requests"]) rescue {}
|
||||
parsed_claims = begin
|
||||
JSON.parse(oauth_params["claims_requests"])
|
||||
rescue
|
||||
{}
|
||||
end
|
||||
|
||||
consent = OidcUserConsent.find_or_initialize_by(user: user, application: application)
|
||||
consent.scopes_granted = requested_scopes.join(" ")
|
||||
@@ -780,10 +784,10 @@ class OidcController < ApplicationController
|
||||
# Extract access token from Authorization header or POST body
|
||||
# RFC 6750: Bearer token can be in Authorization header, request body, or query string
|
||||
token = if request.headers["Authorization"]&.start_with?("Bearer ")
|
||||
request.headers["Authorization"].sub("Bearer ", "")
|
||||
elsif request.params["access_token"].present?
|
||||
request.params["access_token"]
|
||||
end
|
||||
request.headers["Authorization"].sub("Bearer ", "")
|
||||
elsif request.params["access_token"].present?
|
||||
request.params["access_token"]
|
||||
end
|
||||
|
||||
unless token
|
||||
head :unauthorized
|
||||
@@ -1026,7 +1030,7 @@ class OidcController < ApplicationController
|
||||
end
|
||||
|
||||
# Validate code verifier format (per RFC 7636: [A-Za-z0-9\-._~], 43-128 characters)
|
||||
unless code_verifier.match?(/\A[A-Za-z0-9\.\-_~]{43,128}\z/)
|
||||
unless code_verifier.match?(/\A[A-Za-z0-9.\-_~]{43,128}\z/)
|
||||
return {
|
||||
valid: false,
|
||||
error: "invalid_request",
|
||||
|
||||
45
app/lib/duration_parser.rb
Normal file
45
app/lib/duration_parser.rb
Normal file
@@ -0,0 +1,45 @@
|
||||
class DurationParser
|
||||
UNITS = {
|
||||
"s" => 1, # seconds
|
||||
"m" => 60, # minutes
|
||||
"h" => 3600, # hours
|
||||
"d" => 86400, # days
|
||||
"w" => 604800, # weeks
|
||||
"M" => 2592000, # months (30 days)
|
||||
"y" => 31536000 # years (365 days)
|
||||
}
|
||||
|
||||
# Parse a duration string into seconds
|
||||
# Accepts formats: "1h", "30m", "1d", "1M" (month), "3600" (plain number)
|
||||
# Returns integer seconds or nil if invalid
|
||||
# Case-sensitive: 1s, 1m, 1h, 1d, 1w, 1M (month), 1y
|
||||
def self.parse(input)
|
||||
# Handle integers directly
|
||||
return input if input.is_a?(Integer)
|
||||
|
||||
# Convert to string and strip whitespace
|
||||
str = input.to_s.strip
|
||||
|
||||
# Return nil for blank input
|
||||
return nil if str.blank?
|
||||
|
||||
# Try to parse as plain number (already in seconds)
|
||||
if str.match?(/^\d+$/)
|
||||
return str.to_i
|
||||
end
|
||||
|
||||
# Try to parse with unit (e.g., "1h", "30m", "1M")
|
||||
# Allow optional space between number and unit
|
||||
# Case-sensitive to avoid confusion (1m = minute, 1M = month)
|
||||
match = str.match(/^(\d+)\s*([smhdwMy])$/)
|
||||
return nil unless match
|
||||
|
||||
number = match[1].to_i
|
||||
unit = match[2]
|
||||
|
||||
multiplier = UNITS[unit]
|
||||
return nil unless multiplier
|
||||
|
||||
number * multiplier
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user