Errors::Code DefaultClientAuthorizationFacade::processAuthorizationRequest(const IHttpRequest& request, IHttpResponse &response) const
{
if (!request.isParamExist(_acceptedFieldName))
{
make_error_response(Errors::Code::access_denied, "user denided access to client", request, response);
return Errors::Code::access_denied;
}
if (!request.isParamExist(_userIdFieldName) || !request.isParamExist(Params::client_id) || !request.isParamExist(Params::scope))
{
make_error_response(Errors::Code::invalid_request, "no one or more required parameters user_id, client_id, scope", request, response);
return Errors::Code::access_denied;
}
Grant grant(request.getParam(_userIdFieldName), request.getParam(Params::client_id), request.getParam(Params::scope));
ServiceLocator::instance()->Storage->saveGrant(grant);
//HACK: should use POST UserAuthenticationFacadeMock::_originalRequestFieldName parameter
response.addHeader("Location", request.getHeader("Referer"));
response.setStatus(302);
return Errors::ok;
};
bool RequestParameterClientAuthenticationFacade::hasClientCredentials(const IHttpRequest &request) const
{
clientid_t cid = static_cast<clientid_t>(request.getParam(Params::client_id));
string secret = request.getParam(Params::client_secret);
return ! (cid.empty() || secret.empty());
}
Client RequestParameterClientAuthenticationFacade::authenticateClient(const IHttpRequest &request) const
{
clientid_t cid = static_cast<clientid_t>(request.getParam(Params::client_id));
string secret = request.getParam(Params::client_secret);
Client c = ServiceLocator::instance()->Storage->getClient(cid);
if (c.empty() || secret.empty() || 0 != secret.compare(c.secret))
return Client::EmptyClient;
return c;
};