346528214302e5afd22f58a24b4f87712ca4b712-PR-13

defmodule Boruta.Oauth.Error do
  @moduledoc """
  Boruta OAuth errors

  > __Note__: Intended to follow [OAuth 2.0 errors](https://tools.ietf.org/html/rfc6749#section-5.2). Additional errors are provided as purpose.
  """

  alias Boruta.Oauth.CodeRequest
  alias Boruta.Oauth.Error
  alias Boruta.Oauth.HybridRequest
  alias Boruta.Oauth.PreauthorizedCodeRequest
  alias Boruta.Oauth.SiopV2Request
  alias Boruta.Oauth.TokenRequest

  @type t :: %__MODULE__{
          status: :internal_server_error | :bad_request | :unauthorized,
          error:
            :invalid_request
            | :invalid_client
            | :invalid_access_token
            | :invalid_scope
            | :invalid_code
            | :invalid_resource_owner
            | :login_required
            | :unknown_error,
          error_description: String.t(),
          format: :query | :fragment | nil,
          redirect_uri: String.t() | nil,
          state: String.t() | nil
        }

  @enforce_keys [:status, :error, :error_description]
  defstruct status: nil,
            error: nil,
            error_description: nil,
            format: nil,
            redirect_uri: nil,
            state: nil

  @doc """
  Returns the OAuth error augmented with the format according to request type.
  """
  @spec with_format(
          error :: Error.t(),
          request ::
            CodeRequest.t()
            | TokenRequest.t()
            | HybridRequest.t()
            | PreauthorizedCodeRequest.t()
            | SiopV2Request.t()
        ) :: Error.t()
  def with_format(%Error{error: :invalid_client} = error, _) do
    %{error | format: nil, redirect_uri: nil}
  end

  def with_format(
        %Error{error: :invalid_resource_owner} = error,
        %HybridRequest{
          redirect_uri: redirect_uri,
          state: state,
          prompt: "none"
        } = request
      ) do
    %{
      error
      | error: :login_required,
        error_description: "User is not logged in.",
        format: response_mode(request),
        redirect_uri: redirect_uri,
        state: state
    }
  end

  def with_format(%Error{error: :invalid_resource_owner} = error, %CodeRequest{
        redirect_uri: redirect_uri,
        state: state,
        prompt: "none"
      }) do
    %{
      error
      | error: :login_required,
        error_description: "User is not logged in.",
        format: :query,
        redirect_uri: redirect_uri,
        state: state
    }
  end

  def with_format(%Error{error: :invalid_resource_owner} = error, %TokenRequest{
        redirect_uri: redirect_uri,
        state: state,
        prompt: "none"
      }) do
    %{
      error
      | error: :login_required,
        error_description: "User is not logged in.",
        format: :fragment,
        redirect_uri: redirect_uri,
        state: state
    }
  end

  def with_format(%Error{} = error, %CodeRequest{redirect_uri: redirect_uri, state: state}) do
    %{error | format: :query, redirect_uri: redirect_uri, state: state}
  end

  def with_format(%Error{} = error, %SiopV2Request{redirect_uri: redirect_uri, state: state}) do
    %{error | format: :query, redirect_uri: redirect_uri, state: state}
  end

  def with_format(
        %Error{} = error,
        %HybridRequest{redirect_uri: redirect_uri, state: state} = request
      ) do
    %{error | format: response_mode(request), redirect_uri: redirect_uri, state: state}
  end

  def with_format(%Error{} = error, %TokenRequest{redirect_uri: redirect_uri, state: state}) do
    %{error | format: :fragment, redirect_uri: redirect_uri, state: state}
  end

  def with_format(%Error{} = error, %PreauthorizedCodeRequest{
        redirect_uri: redirect_uri,
        state: state
      }) do
    %{error | format: :fragment, redirect_uri: redirect_uri, state: state}
  end

  defp response_mode(%HybridRequest{response_mode: "query"}), do: :query
  defp response_mode(%HybridRequest{response_mode: "fragment"}), do: :fragment
  # fallback to fragment since it is the hybrid default response mode
  defp response_mode(%HybridRequest{response_mode: nil}), do: :fragment

  @doc """
  Returns the URL to be redirected according to error format.
  """
  @spec redirect_to_url(error :: t()) :: url :: String.t()
  def redirect_to_url(%__MODULE__{format: nil}), do: ""

  def redirect_to_url(%__MODULE__{} = error) do
    query_params = query_params(error)

    url(error, query_params)
  end

  defp query_params(%__MODULE__{
         error: error,
         error_description: error_description,
         state: state
       }) do
    %{error: error, error_description: error_description, state: state}
    |> Enum.filter(fn
      {_key, nil} -> false
      _ -> true
    end)
    |> URI.encode_query()
  end

  defp url(%Error{redirect_uri: redirect_uri, format: :query}, query_params),
    do: "#{redirect_uri}?#{query_params}"

  defp url(%Error{redirect_uri: redirect_uri, format: :fragment}, query_params),
    do: "#{redirect_uri}##{query_params}"
end

1	defmodule Boruta.Oauth.Error do
2	@moduledoc """
3	Boruta OAuth errors
4
5	> __Note__: Intended to follow [OAuth 2.0 errors](https://tools.ietf.org/html/rfc6749#section-5.2). Additional errors are provided as purpose.
6	"""
7
8	alias Boruta.Oauth.CodeRequest
9	alias Boruta.Oauth.Error
10	alias Boruta.Oauth.HybridRequest
11	alias Boruta.Oauth.PreauthorizedCodeRequest
12	alias Boruta.Oauth.SiopV2Request
13	alias Boruta.Oauth.TokenRequest
14
15	@type t :: %__MODULE__{
16	status: :internal_server_error \| :bad_request \| :unauthorized,
17	error:
18	:invalid_request
19	\| :invalid_client
20	\| :invalid_access_token
21	\| :invalid_scope
22	\| :invalid_code
23	\| :invalid_resource_owner
24	\| :login_required
25	\| :unknown_error,
26	error_description: String.t(),
27	format: :query \| :fragment \| nil,
28	redirect_uri: String.t() \| nil,
29	state: String.t() \| nil
30	}
31
32	@enforce_keys [:status, :error, :error_description]
33	defstruct status: nil,
34	error: nil,
35	error_description: nil,
36	format: nil,
37	redirect_uri: nil,
38	state: nil
39
40	@doc """
41	Returns the OAuth error augmented with the format according to request type.
42	"""
43	@spec with_format(
44	error :: Error.t(),
45	request ::
46	CodeRequest.t()
47	\| TokenRequest.t()
48	\| HybridRequest.t()
49	\| PreauthorizedCodeRequest.t()
50	\| SiopV2Request.t()
51	) :: Error.t()
52	def with_format(%Error{error: :invalid_client} = error, _) do
53	%{error \| format: nil, redirect_uri: nil}	11✔
54	end
55
56	def with_format(
57	%Error{error: :invalid_resource_owner} = error,
58	%HybridRequest{
59	redirect_uri: redirect_uri,
60	state: state,
61	prompt: "none"
62	} = request
63	) do
64	%{
65	error
66	\| error: :login_required,	1✔
67	error_description: "User is not logged in.",
68	format: response_mode(request),
69	redirect_uri: redirect_uri,
70	state: state
71	}
72	end
73
74	def with_format(%Error{error: :invalid_resource_owner} = error, %CodeRequest{
75	redirect_uri: redirect_uri,
76	state: state,
77	prompt: "none"
78	}) do
79	%{
80	error
81	\| error: :login_required,	1✔
82	error_description: "User is not logged in.",
83	format: :query,
84	redirect_uri: redirect_uri,
85	state: state
86	}
87	end
88
89	def with_format(%Error{error: :invalid_resource_owner} = error, %TokenRequest{
90	redirect_uri: redirect_uri,
91	state: state,
92	prompt: "none"
93	}) do
94	%{
95	error
96	\| error: :login_required,	1✔
97	error_description: "User is not logged in.",
98	format: :fragment,
99	redirect_uri: redirect_uri,
100	state: state
101	}
102	end
103
104	def with_format(%Error{} = error, %CodeRequest{redirect_uri: redirect_uri, state: state}) do
105	%{error \| format: :query, redirect_uri: redirect_uri, state: state}	7✔
106	end
107
108	def with_format(%Error{} = error, %SiopV2Request{redirect_uri: redirect_uri, state: state}) do
NEW 109	%{error \| format: :query, redirect_uri: redirect_uri, state: state}	×
110	end
111
112	def with_format(
113	%Error{} = error,
114	%HybridRequest{redirect_uri: redirect_uri, state: state} = request
115	) do
116	%{error \| format: response_mode(request), redirect_uri: redirect_uri, state: state}	9✔
117	end
118
119	def with_format(%Error{} = error, %TokenRequest{redirect_uri: redirect_uri, state: state}) do
120	%{error \| format: :fragment, redirect_uri: redirect_uri, state: state}	10✔
121	end
122
123	def with_format(%Error{} = error, %PreauthorizedCodeRequest{
124	redirect_uri: redirect_uri,
125	state: state
126	}) do
127	%{error \| format: :fragment, redirect_uri: redirect_uri, state: state}	3✔
128	end
129
130	defp response_mode(%HybridRequest{response_mode: "query"}), do: :query	1✔
131	defp response_mode(%HybridRequest{response_mode: "fragment"}), do: :fragment	×
132	# fallback to fragment since it is the hybrid default response mode
133	defp response_mode(%HybridRequest{response_mode: nil}), do: :fragment	9✔
134
135	@doc """
136	Returns the URL to be redirected according to error format.
137	"""
138	@spec redirect_to_url(error :: t()) :: url :: String.t()
139	def redirect_to_url(%__MODULE__{format: nil}), do: ""	1✔
140
141	def redirect_to_url(%__MODULE__{} = error) do
142	query_params = query_params(error)	4✔
143
144	url(error, query_params)	4✔
145	end
146
147	defp query_params(%__MODULE__{
148	error: error,
149	error_description: error_description,
150	state: state
151	}) do
152	%{error: error, error_description: error_description, state: state}
153	\|> Enum.filter(fn
154	{_key, nil} -> false	2✔
155	_ -> true	10✔
156	end)
157	\|> URI.encode_query()	4✔
158	end
159
160	defp url(%Error{redirect_uri: redirect_uri, format: :query}, query_params),
161	do: "#{redirect_uri}?#{query_params}"	2✔
162
163	defp url(%Error{redirect_uri: redirect_uri, format: :fragment}, query_params),
164	do: "#{redirect_uri}##{query_params}"	2✔
165	end

malach-it / boruta_auth / 346528214302e5afd22f58a24b4f87712ca4b712-PR-13

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous