wip. response から email が落ちる

README.md

@@ -1,4 +1,7 @@
 
+bugs:
+ - response から email が drop する。ユーザの承諾の保存辺りが不味そう
+
 ●●未了
  - `registration_endpoint` 動的な登録の再実装
  - `end_session_endpoint` シングルログアウト (SLO) の実装

app/controllers/discovery_controller.rb

@@ -40,7 +40,11 @@ def show
     end
   end
 
+  def jwk_set
+    render json: {keys: IdToken.config[:jwk_set]}.to_json
+  end
 
+
 private
 
   def webfinger_discovery

app/models/fake_user.rb

@@ -19,6 +19,7 @@ class FakeUser < ApplicationRecord
 
   def to_response_object access_token
     userinfo = userinfo()
+    #raise userinfo.inspect  # この段階では email 入っている
     unless access_token.accessible?(Scope::PROFILE)
       userinfo.all_attributes.each do |attribute|
         userinfo.send("#{attribute}=", nil) unless access_token.accessible?(attribute)

app/views/clients/_client.html.erb

@@ -1,23 +1,27 @@
 
 <fieldset class="client">
-  <h3>
-    <%= client.name %>
-    <code class="redirect_uris"><%= client.redirect_uris.try(:join, ' ') %></code>
-  </h3>
+  <h3 class="title is-3"><%= client.name %></h3>
+  <p><%= t('client.identifier') %>
+    <code><%= client.identifier %></code>
+
   <details>
-    <summary><%= t('client.credentials') %></summary>
+    <summary>Details:</summary>
     <dl>
-      <dt><%= t('client.identifier') %>
-      <dd><code><%= client.identifier %></code>
+      <dt>Redirect URIs:
+      <dd><% client.redirect_uris.each do |uri| %>
+        <code class="redirect_uris"><%= uri %></code>
+        <% end %>
+
       <dt><%= t('client.secret') %></dt>
       <dd><code><%= client.secret %></code>
     </dl>
     <nav class="authorize">
-      <h4><%= t('authorizations.new.title', client:client.name) %></h4>
+      <h4 class="title is-4"><%= t('authorizations.new.title', client:client.name) %></h4>
       <ul>
         <% Client.available_response_types.each do |response_type| %>
           <li>
-            <%= form_tag new_authorization_path, method: :get do %>
+            <%= form_tag new_authorization_path, method: :get, data:{turbo:false} do %>
+              <%= hidden_field_tag :redirect_uri, client.redirect_uris.first %>
               <%= hidden_field_tag :client_id, client.identifier %>
               <%= hidden_field_tag :response_type, response_type %>
               <%= hidden_field_tag :scope, Scope.all.collect(&:name).join(' ') %>
@@ -28,6 +32,7 @@
       </ul>
     </nav>
   </details>
+
   <footer>
       <%= link_to 'Edit...', edit_client_path(client) %>
       <%= button_to t('destroy'), client_path(client), 

app/views/clients/edit.html.erb

@@ -1,4 +1,5 @@
-<h1><%= 'Edit ' + @client.name %></h1>
+
+<% content_for(:title) {"Edit " + @client.name } %>
 
 <article>
   <%= form_for @client, :method => :put, :html => {:class => 'box'} do |f| %>

app/views/dashboard/show.html.erb

@@ -7,7 +7,7 @@
   </p>
 </nav>
 
-<section>
+<section class="section">
   <%= render @clients %>
 </section>
 

config/routes.rb

@@ -68,10 +68,8 @@
   # UserInfo Endpoint
   match 'user_info',       to: 'user_info#show', :via => [:get, :post]
 
-  get   'jwks.json',     to: proc { |env| 
-                                [200, 
-                                 {'Content-Type' => 'application/json'}, 
-                                 [IdToken.config[:jwk_set].to_json]] }
+  # 
+  get   'jwks.json',     to: "discovery#jwk_set"
 
   # For details on the DSL available within this file, 
   # see https://guides.rubyonrails.org/routing.html