pomerium/internal/oauth21/validate_client.go
2025-04-24 14:59:12 -04:00


package oauth21
import (
"slices"
"github.com/pomerium/pomerium/internal/oauth21/gen"
rfc7591v1 "github.com/pomerium/pomerium/internal/rfc7591"
)
// ValidateAuthorizationRequest checks an incoming authorization request
// against the metadata registered for the client.
//
// The only check performed here is the redirect URI check, delegated to
// ValidateAuthorizationRequestRedirectURI; its error, if any, is returned
// unchanged. Both client and req must be non-nil: req.RedirectUri is read
// unconditionally.
func ValidateAuthorizationRequest(
	client *rfc7591v1.ClientMetadata,
	req *gen.AuthorizationRequest,
) error {
	// The redirect URI must be validated before any response is sent to it,
	// so the result of that check is the result of the whole validation.
	return ValidateAuthorizationRequestRedirectURI(client, req.RedirectUri)
}
// ValidateAuthorizationRequestRedirectURI checks the redirect URI supplied in
// an authorization request against the URIs registered for the client.
//
// Outcomes:
//   - the client has no registered redirect URIs: InvalidClient;
//   - redirectURI is nil and exactly one URI is registered: accepted;
//   - redirectURI is nil and several URIs are registered: InvalidRequest;
//   - redirectURI is set and equals a registered URI: accepted;
//   - redirectURI is set and matches no registered URI: InvalidGrant.
//
// Matching is exact string equality (slices.Contains): no normalization,
// prefix, wildcard or pattern matching is applied, so a URI that differs from
// every registered value in any character is rejected. client must be
// non-nil; its RedirectUris field is read unconditionally.
//
// NOTE(review): on a nil redirectURI the function only reports success; it
// does not return the single registered URI, so the caller presumably
// resolves it separately. Confirm the caller uses the registered value.
func ValidateAuthorizationRequestRedirectURI(
	client *rfc7591v1.ClientMetadata,
	redirectURI *string,
) error {
	registered := client.RedirectUris

	switch {
	case len(registered) == 0:
		// Nothing to compare against: the registration itself is unusable.
		return Error{Code: InvalidClient, Description: "client has no redirect URIs"}
	case redirectURI == nil && len(registered) == 1:
		// Omitting the parameter is unambiguous with a single registered URI.
		return nil
	case redirectURI == nil:
		return Error{Code: InvalidRequest, Description: "client has multiple redirect URIs and none were provided"}
	case slices.Contains(registered, *redirectURI):
		return nil
	default:
		// An unregistered redirect target is never accepted.
		return Error{Code: InvalidGrant, Description: "client redirect URI does not match registered redirect URIs"}
	}
}