authorizationEndpoint method
A request handler that invokes the correct logic, depending on which type of grant the client is requesting.
Implementation
Future<void> authorizationEndpoint(
RequestContext req, ResponseContext res) async {
var state = '';
try {
var query = req.queryParameters;
state = query['state']?.toString() ?? '';
var responseType = await _getParam(req, 'response_type', state);
req.container!.registerLazySingleton<Pkce>((_) {
return Pkce.fromJson(req.queryParameters, state: state);
});
if (responseType == 'code' || responseType == 'token') {
// Ensure client ID
var clientId = await _getParam(req, 'client_id', state);
// Find client
var client = await findClient(clientId)!;
if (client == null) {
throw AuthorizationException(ErrorResponse(
ErrorResponse.unauthorizedClient,
'Unknown client "$clientId".',
state,
));
}
// Grab redirect URI
var redirectUri = await _getParam(req, 'redirect_uri', state);
// Grab scopes
var scopes = await _getScopes(req);
return await requestAuthorizationCode(client, redirectUri, scopes,
state, req, res, responseType == 'token');
}
throw AuthorizationException(
ErrorResponse(
ErrorResponse.invalidRequest,
'Invalid or no "response_type" parameter provided',
state,
),
statusCode: 400);
} on AngelHttpException {
rethrow;
} catch (e, st) {
throw AuthorizationException(
ErrorResponse(
ErrorResponse.serverError,
_internalServerError,
state,
),
error: e,
statusCode: 500,
stackTrace: st,
);
}
}