Mercurial > prosody-modules
annotate mod_http_oauth2/html/device.html @ 5646:d67980d9e12d
mod_http_oauth2: Apply refresh token ttl to refresh token instead of grant
The intent in 59d5fc50f602 was for refresh tokens to extend the lifetime
of the grant, but the refresh token ttl was applied to the grant and
mod_tokenauth does not change it, leading to the grant expiring
regardless of refresh token usage.
This makes grant lifetimes unlimited, which seems to be standard
practice in the wild.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 11 Sep 2023 10:48:31 +0200 |
| parents | 401356232e1b |
| children |
| rev | line source |
|---|---|
|
5589
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 <!DOCTYPE html> |
|
5635
401356232e1b
mod_http_oauth2: Specify language in templates
Kim Alvefur <zash@zash.se>
parents:
5631
diff
changeset
|
2 <html lang="en"> |
|
5589
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 <head> |
|
5623
8de02381e80a
mod_http_oauth2: Conform to XHTML in templates
Kim Alvefur <zash@zash.se>
parents:
5608
diff
changeset
|
4 <meta charset="utf-8" /> |
|
5589
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 <meta name="viewport" content="width=device-width, initial-scale=1" /> |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 <title>{site_name} - Authorize{client&d} Device</title> |
|
5623
8de02381e80a
mod_http_oauth2: Conform to XHTML in templates
Kim Alvefur <zash@zash.se>
parents:
5608
diff
changeset
|
7 <link rel="stylesheet" href="style.css" /> |
|
5589
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 </head> |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 <body> |
|
5625
e86a1018cdb3
mod_http_oauth2: Present errors in HTML <dialog>
Kim Alvefur <zash@zash.se>
parents:
5624
diff
changeset
|
10 {error& |
|
e86a1018cdb3
mod_http_oauth2: Present errors in HTML <dialog>
Kim Alvefur <zash@zash.se>
parents:
5624
diff
changeset
|
11 <dialog open="" class="error"> |
|
e86a1018cdb3
mod_http_oauth2: Present errors in HTML <dialog>
Kim Alvefur <zash@zash.se>
parents:
5624
diff
changeset
|
12 <p>{error.text}</p> |
|
e86a1018cdb3
mod_http_oauth2: Present errors in HTML <dialog>
Kim Alvefur <zash@zash.se>
parents:
5624
diff
changeset
|
13 <form method="dialog"><button>dismiss</button></form> |
|
e86a1018cdb3
mod_http_oauth2: Present errors in HTML <dialog>
Kim Alvefur <zash@zash.se>
parents:
5624
diff
changeset
|
14 </dialog>} |
|
5624
6109496a7ccc
mod_http_oauth2: Move site name into <header>
Kim Alvefur <zash@zash.se>
parents:
5623
diff
changeset
|
15 <header> |
|
6109496a7ccc
mod_http_oauth2: Move site name into <header>
Kim Alvefur <zash@zash.se>
parents:
5623
diff
changeset
|
16 <h1>{site_name}</h1> |
|
6109496a7ccc
mod_http_oauth2: Move site name into <header>
Kim Alvefur <zash@zash.se>
parents:
5623
diff
changeset
|
17 </header> |
|
5589
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 <main> |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 <fieldset> |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 <legend>Device Authorization</legend> |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 {client& |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 <p>Authorization completed. You can go back to |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 <em>{client.client_name}</em>.</p>} |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 {client~ |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 <p>Enter the code to continue.</p> |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 <form method="get"> |
|
5631
f889ff779571
mod_http_oauth2: Improve templates
Kim Alvefur <zash@zash.se>
parents:
5625
diff
changeset
|
27 <input type="text" name="user_code" placeholder="XXXX-XXXX" aria-label="Code" required="" /> |
|
5623
8de02381e80a
mod_http_oauth2: Conform to XHTML in templates
Kim Alvefur <zash@zash.se>
parents:
5608
diff
changeset
|
28 <button type="submit">Continue</button> |
|
5589
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 </form>} |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 </fieldset> |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 </main> |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 </body> |
|
7040d0772758
mod_http_oauth2: Implement RFC 8628 Device Authorization Grant
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 </html> |