Learn R Programming
shinyOAuth (version 0.4.0)

error_on_softened: Throw an error if any safety checks have been disabled

Description

This function checks if any safety checks have been disabled via options intended for local development use only. If any such options are detected, an error is thrown to prevent accidental use in production environments.

Usage

error_on_softened()

Arguments

Value

Invisible TRUE if no safety checks are disabled; otherwise, an error is thrown.

Details

It checks for the following options:

  • shinyOAuth.skip_browser_token: Skips browser cookie presence check

  • shinyOAuth.skip_id_sig: Skips ID token signature verification

  • shinyOAuth.print_errors: Enables printing of error messages

  • shinyOAuth.print_traceback: Enables printing of tracebacks (opt-in only; default FALSE)

  • shinyOAuth.expose_error_body: Exposes HTTP response bodies

  • shinyOAuth.allow_unsigned_userinfo_jwt: Accepts unsigned (alg=none) UserInfo JWTs

  • shinyOAuth.allow_redirect: Disables anti-redirect protections for sensitive HTTP flows

Note: Tracebacks are only treated as a "softened" behavior when the shinyOAuth.print_traceback option is explicitly set to TRUE. The default is FALSE, even in interactive or test sessions.

Examples

Run this code
# Throw an error if any developer-only softening options are enabled
# Below call does not error if run with default options:
error_on_softened()

# Below call would error (is therefore not run):
if (FALSE) {
options(shinyOAuth.skip_id_sig = TRUE)
error_on_softened()
}

Run the code above in your browser using DataLab