module Doorkeeper::Config::Validations

def validate!

Validates configuration options to be set properly.

def validate!
  validate_reuse_access_token_value
  validate_token_reuse_limit
  validate_secret_strategies
  validate_pkce_code_challenge_methods
end

def validate_pkce_code_challenge_methods

def validate_pkce_code_challenge_methods
  return if pkce_code_challenge_methods.all? {|method| method =~ /^plain$|^S256$/ }
  ::Rails.logger.warn(
    "[DOORKEEPER] You have configured an invalid value for pkce_code_challenge_methods option. " \
    "It will be set to default ['plain', 'S256']",
  )
  @pkce_code_challenge_methods = ['plain', 'S256']
end

def validate_reuse_access_token_value

In that case, disable reuse_access_token value and warn the user.

+token_secret_strategy+ have both been activated.
Determine whether +reuse_access_token+ and a non-restorable

def validate_reuse_access_token_value
  strategy = token_secret_strategy
  return if !reuse_access_token || strategy.allows_restoring_secrets?
  ::Rails.logger.warn(
    "[DOORKEEPER] You have configured both reuse_access_token " \
    "AND '#{strategy}' strategy which cannot restore tokens. " \
    "This combination is unsupported. reuse_access_token will be disabled",
  )
  @reuse_access_token = false
end

def validate_secret_strategies

tokens and applications
Validate that the provided strategies are valid for

def validate_secret_strategies
  token_secret_strategy.validate_for(:token)
  application_secret_strategy.validate_for(:application)
end

def validate_token_reuse_limit

def validate_token_reuse_limit
  return if !reuse_access_token ||
            (token_reuse_limit > 0 && token_reuse_limit <= 100)
  ::Rails.logger.warn(
    "[DOORKEEPER] You have configured an invalid value for token_reuse_limit option. " \
    "It will be set to default 100",
  )
  @token_reuse_limit = 100
end

Instance Methods

Defined in

lib/doorkeeper/config/validations.rb

Modules

Classes