prosody-modules: mod_http_oauth2/mod_http

comparison mod_http_oauth2/mod_http_oauth2.lua @ 5358:0905d348bd34

mod_http_oauth2: Include additional OpenID scopes in metadata Drops fallback because this module probably doesn't work with Prosody before the role stuff anyway.

author	Kim Alvefur <zash@zash.se>
date	Sat, 22 Apr 2023 14:22:56 +0200
parents	eda3b078ba2c
children	230fc6a0c086

comparison

equal deleted inserted replaced

-:eda3b078ba2c
+:0905d348bd34
 				issuer = get_issuer();
 				authorization_endpoint = handle_authorization_request and module:http_url() .. "/authorize" or nil;
 				token_endpoint = handle_token_grant and module:http_url() .. "/token" or nil;
 				jwks_uri = nil; -- TODO?
 				registration_endpoint = handle_register_request and module:http_url() .. "/register" or nil;
-				scopes_supported = usermanager.get_all_roles and array(it.keys(usermanager.get_all_roles(module.host))):push("openid")
+				scopes_supported = usermanager.get_all_roles and array(it.keys(usermanager.get_all_roles(module.host))):append(array(openid_claims:items()));
-					or { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator"; "openid" };
 				response_types_supported = array(it.keys(response_type_handlers));
 				authorization_response_iss_parameter_supported = true;
 				-- OpenID
 				userinfo_endpoint = handle_register_request and module:http_url() .. "/userinfo" or nil;

Mercurial > prosody-modules

comparison mod_http_oauth2/mod_http_oauth2.lua @ 5358:0905d348bd34