lib/doorkeeper/openid_connect/config.rb
# frozen_string_literal: true
module Doorkeeper
module OpenidConnect
def self.configure(&block)
if Doorkeeper.configuration.orm != :active_record
raise Errors::InvalidConfiguration, 'Doorkeeper OpenID Connect currently only supports the ActiveRecord ORM adapter'
end
@config = Config::Builder.new(&block).build
end
def self.configuration
@config || (raise Errors::MissingConfiguration)
end
class Config
class Builder
def initialize(&block)
@config = Config.new
instance_eval(&block)
end
def build
@config
end
def jws_public_key(*_args)
puts 'DEPRECATION WARNING: `jws_public_key` is not needed anymore and will be removed in a future version, please remove it from config/initializers/doorkeeper_openid_connect.rb'
end
def jws_private_key(*args)
puts 'DEPRECATION WARNING: `jws_private_key` has been replaced by `signing_key` and will be removed in a future version, please remove it from config/initializers/doorkeeper_openid_connect.rb'
signing_key(*args)
end
end
mattr_reader(:builder_class) { Config::Builder }
extend ::Doorkeeper::Config::Option
option :issuer
option :signing_key
option :signing_algorithm, default: :rs256
option :subject_types_supported, default: [:public]
option :resource_owner_from_access_token, default: lambda { |*_|
raise Errors::InvalidConfiguration, I18n.translate('doorkeeper.openid_connect.errors.messages.resource_owner_from_access_token_not_configured')
}
option :auth_time_from_resource_owner, default: lambda { |*_|
raise Errors::InvalidConfiguration, I18n.translate('doorkeeper.openid_connect.errors.messages.auth_time_from_resource_owner_not_configured')
}
option :reauthenticate_resource_owner, default: lambda { |*_|
raise Errors::InvalidConfiguration, I18n.translate('doorkeeper.openid_connect.errors.messages.reauthenticate_resource_owner_not_configured')
}
option :select_account_for_resource_owner, default: lambda { |*_|
raise Errors::InvalidConfiguration, I18n.translate('doorkeeper.openid_connect.errors.messages.select_account_for_resource_owner_not_configured')
}
option :subject, default: lambda { |*_|
raise Errors::InvalidConfiguration, I18n.translate('doorkeeper.openid_connect.errors.messages.subject_not_configured')
}
option :expiration, default: 120
option :claims, builder_class: ClaimsBuilder
option :protocol, default: lambda { |*_|
::Rails.env.production? ? :https : :http
}
option :end_session_endpoint, default: lambda { |*_|
nil
}
option :discovery_url_options, default: lambda { |*_|
{}
}
end
end
end