update t p

2025-09-17 22:27:01 -03:00
parent a7a7cc6cc1
commit 0e6a503ee4
8 changed files with 51 additions and 17 deletions
--- a/id.saladeaula.digital/client/app/lib/http-status.ts
+++ b/id.saladeaula.digital/client/app/lib/http-status.ts
@@ -2,4 +2,5 @@ export const OK = 200
 export const FOUND = 302
 export const BAD_REQUEST = 400
 export const UNAUTHORIZED = 401
+export const FORBIDDEN = 403
 export const INTERNAL_SERVER = 500
--- a/id.saladeaula.digital/client/app/routes.ts
+++ b/id.saladeaula.digital/client/app/routes.ts
@@ -6,7 +6,10 @@ import {
 } from '@react-router/dev/routes'

 export default [
-  layout('routes/layout.tsx', [index('routes/index.tsx')]),
+  layout('routes/layout.tsx', [
+    index('routes/index.tsx'),
+    route('/deny', 'routes/deny.tsx')
+  ]),
  route('/authorize', 'routes/authorize.ts'),
  route('/token', 'routes/token.ts'),
  route('/revoke', 'routes/revoke.ts')
--- a/id.saladeaula.digital/client/app/routes/authorize.ts
+++ b/id.saladeaula.digital/client/app/routes/authorize.ts
@@ -30,6 +30,12 @@ export async function loader({ request, context }: Route.LoaderArgs) {
      redirect: 'manual'
    })

+    console.log('Issuer response', {
+      json: await r.json(),
+      headers: r.headers,
+      status: r.status
+    })
+
    if (r.status === httpStatus.FOUND) {
      return new Response(await r.text(), {
        status: r.status,
@@ -37,11 +43,15 @@ export async function loader({ request, context }: Route.LoaderArgs) {
      })
    }

-    console.log('Issuer response', {
-      json: await r.json(),
-      headers: r.headers,
-      status: r.status
-    })
+    // Deny authorization if user lacks scopes requested by client
+    if (r.status === httpStatus.FORBIDDEN) {
+      return new Response(null, {
+        status: httpStatus.FOUND,
+        headers: {
+          Location: new URL('/deny', url.origin).toString()
+        }
+      })
+    }

    return new Response(null, {
      status: httpStatus.FOUND,
--- a/id.saladeaula.digital/client/app/routes/deny.tsx
+++ b/id.saladeaula.digital/client/app/routes/deny.tsx
@@ -0,0 +1,20 @@
+import { LockIcon } from 'lucide-react'
+import type { Route } from './+types'
+
+export function meta({}: Route.MetaArgs) {
+  return [{ title: 'Acesso negado' }]
+}
+
+export default function Deny({}: Route.ComponentProps) {
+  return (
+    <>
+      <div className="flex flex-col text-center items-center gap-6">
+        <LockIcon className="size-12" />
+        <div className="space-y-1.5">
+          <h1 className="text-xl text-gray-10 font-bold">Acesso negado.</h1>
+          <p>Você não tem permissão.</p>
+        </div>
+      </div>
+    </>
+  )
+}
--- a/id.saladeaula.digital/client/app/routes/revoke.ts
+++ b/id.saladeaula.digital/client/app/routes/revoke.ts
@@ -8,8 +8,6 @@ export async function action({ request, context }: Route.ActionArgs) {
    body: await request.text()
  })

-  // console.log(await r.text(), r)
-
  return new Response(await r.text(), {
    status: r.status,
    headers: r.headers