module Doorkeeper::Config::Validations

Doorkeeper configuration validator.

Public Instance Methods

validate!() click to toggle source

Validates configuration options to be set properly.

# File lib/doorkeeper/config/validations.rb, line 10
def validate!
  validate_reuse_access_token_value
  validate_token_reuse_limit
  validate_secret_strategies
  validate_pkce_code_challenge_methods
end

Private Instance Methods

validate_pkce_code_challenge_methods() click to toggle source
# File lib/doorkeeper/config/validations.rb, line 53
def validate_pkce_code_challenge_methods
  return if pkce_code_challenge_methods.all? {|method| method =~ /^plain$|^S256$/ }

  ::Rails.logger.warn(
    "[DOORKEEPER] You have configured an invalid value for pkce_code_challenge_methods option. " \
    "It will be set to default ['plain', 'S256']",
  )

  @pkce_code_challenge_methods = ['plain', 'S256']
end
validate_reuse_access_token_value() click to toggle source

Determine whether reuse_access_token and a non-restorable token_secret_strategy have both been activated.

In that case, disable reuse_access_token value and warn the user.

# File lib/doorkeeper/config/validations.rb, line 23
def validate_reuse_access_token_value
  strategy = token_secret_strategy
  return if !reuse_access_token || strategy.allows_restoring_secrets?

  ::Rails.logger.warn(
    "[DOORKEEPER] You have configured both reuse_access_token " \
    "AND '#{strategy}' strategy which cannot restore tokens. " \
    "This combination is unsupported. reuse_access_token will be disabled",
  )
  @reuse_access_token = false
end
validate_secret_strategies() click to toggle source

Validate that the provided strategies are valid for tokens and applications

# File lib/doorkeeper/config/validations.rb, line 37
def validate_secret_strategies
  token_secret_strategy.validate_for(:token)
  application_secret_strategy.validate_for(:application)
end
validate_token_reuse_limit() click to toggle source
# File lib/doorkeeper/config/validations.rb, line 42
def validate_token_reuse_limit
  return if !reuse_access_token ||
            (token_reuse_limit > 0 && token_reuse_limit <= 100)

  ::Rails.logger.warn(
    "[DOORKEEPER] You have configured an invalid value for token_reuse_limit option. " \
    "It will be set to default 100",
  )
  @token_reuse_limit = 100
end