Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
}
): Explanation[] {
const explanationsByScope: {
[scope: string]: (Explanation & { degreesOfFreedom: number[] })[];
} = Object.create(null);
for (const template of explanations) {
let templateScope: string = template.scope;
// The score represents the degrees of freedom between the explanation
// template and the matched scope. The lower the score, the more exact the
// match.
const templateSegmentCount = template.scope.split("{").length - 1;
if (templateSegmentCount) {
const injection = inject(template.scope, {
/* eslint-disable @typescript-eslint/camelcase */
current_authorization_id: substitutions.currentAuthorizationId,
current_user_id: substitutions.currentUserId,
current_grant_id: substitutions.currentGrantId,
current_client_id: substitutions.currentClientId
/* eslint-enable @typescript-eslint/camelcase */
});
if (injection === null) {
continue;
}
templateScope = injection;
}
for (const { query, result, parameters } of extract(
const paramsState = url.searchParams.get("state") || null;
const paramsClientId = url.searchParams.get("client_id") || null;
const paramsRedirectUri = url.searchParams.get("redirect_uri") || null;
const paramsScope = url.searchParams.get("scope") || null;
// If we end up creating a new grant, this is the ID we'll use.
const [speculativeGrantId, setSpeculativeGrantId] = useState(() => v4());
// Parse the scopes
const requestedScopeTemplates = paramsScope ? paramsScope.split(" ") : null;
let requestedScopeTemplatesAreValid: boolean | null = null;
if (requestedScopeTemplates) {
try {
// Make sure that the template does not contain variables in addition to
// those that can be used here.
inject(requestedScopeTemplates, {
/* eslint-disable @typescript-eslint/camelcase */
current_client_id: "",
current_grant_id: "",
current_user_id: "",
current_authorization_id: ""
/* eslint-enable @typescript-eslint/camelcase */
});
requestedScopeTemplatesAreValid = true;
} catch (error) {
requestedScopeTemplatesAreValid = false;
}
}
// Get the user, grant, and client from the API.
const { loading, cacheValue } = useGraphQL<
const possibleRequestedAuthorizations = authorizations.filter(t =>
isEqual(
inject(requestedScopeTemplates, {
/* eslint-disable @typescript-eslint/camelcase */
current_user_id: grant.userId ?? null,
current_grant_id: grant.id ?? null,
current_client_id: grant.clientId ?? null,
current_authorization_id: t.id ?? null
/* eslint-enable @typescript-eslint/camelcase */
}),
t.scopes
)
);
if (possibleRequestedAuthorizations.length) {
// Use an existing authorization.
requestedAuthorization = possibleRequestedAuthorizations[0];
} else {
// Create a new authorization.
const authorizationId = v4();
requestedAuthorization = await Authorization.write(
tx,
{
id: authorizationId,
enabled: true,
userId: user.id,
grantId: grant.id,
secret: randomBytes(16).toString("hex"),
scopes: inject(requestedScopeTemplates, {
/* eslint-disable @typescript-eslint/camelcase */
current_user_id: grant.userId ?? null,
current_grant_id: grant.id ?? null,
current_client_id: grant.clientId ?? null,
current_authorization_id: authorizationId ?? null
/* eslint-enable @typescript-eslint/camelcase */
})
},
{
recordId: v4(),
createdByAuthorizationId: rootAuthorization.id,
createdByCredentialId: null,
createdAt: new Date()
}
);
}
() =>
requestedScopeTemplates
? simplify(
inject(
[
...requestedScopeTemplates,
createV2AuthXScope(
__REALM__,
{
type: "user",
userId: "{current_user_id}"
},
{
basic: "r"
}
),
createV2AuthXScope(
__REALM__,
{
type: "grant",