-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathauthorize_response_writer.go
39 lines (30 loc) · 1.16 KB
/
authorize_response_writer.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
// Copyright © 2023 Ory Corp
// SPDX-License-Identifier: Apache-2.0
package oauth2
import (
"context"
"net/http"
"net/url"
"authelia.com/provider/oauth2/x/errorsx"
)
func (f *Fosite) NewAuthorizeResponse(ctx context.Context, requester AuthorizeRequester, session Session) (responder AuthorizeResponder, err error) {
var response = &AuthorizeResponse{
Header: http.Header{},
Parameters: url.Values{},
}
ctx = context.WithValue(ctx, AuthorizeRequestContextKey, requester)
ctx = context.WithValue(ctx, AuthorizeResponseContextKey, response)
requester.SetSession(session)
for _, h := range f.Config.GetAuthorizeEndpointHandlers(ctx) {
if err = h.HandleAuthorizeEndpointRequest(ctx, requester, response); err != nil {
return nil, err
}
}
if !requester.DidHandleAllResponseTypes() {
return nil, errorsx.WithStack(ErrUnsupportedResponseType)
}
if requester.GetDefaultResponseMode() == ResponseModeFragment && requester.GetResponseMode() == ResponseModeQuery {
return nil, ErrUnsupportedResponseMode.WithHintf("Insecure response_mode '%s' for the response_type '%s'.", requester.GetResponseMode(), requester.GetResponseTypes())
}
return response, nil
}