comparison mod_http_oauth2/mod_http_oauth2.lua @ 5263:381c62ef52aa

mod_http_oauth2: Group metadata section into OAuth and OpenID

Could easily be confusing otherwise if you're reading one spec and see properties not defined there.
author Kim Alvefur <zash@zash.se>
date Tue, 21 Mar 2023 21:45:02 +0100
parents e73f364b5624
children d3ebaef1ea7a
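--- a/mod_http_oauth2/mod_http_oauth2.lua
+++ b/mod_http_oauth2/mod_http_oauth2.lua
@@ -790,20 +790,23 @@
 default_path = "/.well-known/oauth-authorization-server";
 route = {
 ["GET"] = {
 headers = { content_type = "application/json" };
 body = json.encode {
+-- RFC 8414: OAuth 2.0 Authorization Server Metadata
 issuer = get_issuer();
 authorization_endpoint = handle_authorization_request and module:http_url() .. "/authorize" or nil;
 token_endpoint = handle_token_grant and module:http_url() .. "/token" or nil;
 jwks_uri = nil; -- TODO?
-userinfo_endpoint = handle_register_request and module:http_url() .. "/userinfo" or nil;
 registration_endpoint = handle_register_request and module:http_url() .. "/register" or nil;
 scopes_supported = usermanager.get_all_roles and array(it.keys(usermanager.get_all_roles(module.host))):push("openid")
 or { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator"; "openid" };
 response_types_supported = array(it.keys(response_type_handlers));
 authorization_response_iss_parameter_supported = true;
+
+-- OpenID
+userinfo_endpoint = handle_register_request and module:http_url() .. "/userinfo" or nil;
 };
 };
 };
 });
 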
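Review bot: The relocated `userinfo_endpoint` line is still gated on `handle_register_request`, the same condition as `registration_endpoint`, so the discovery document advertises `/userinfo` only when dynamic client registration is enabled. That looks like a copy-paste carried through the move. If the `/userinfo` route is served independently of registration, clients relying on this metadata will get a wrong picture of the server. The condition should test the handler that actually serves `/userinfo`, which is not visible in this section. Since the first group names its spec, the new `-- OpenID` comment could do the same, e.g. `-- OpenID Connect Discovery 1.0`, so readers know where `userinfo_endpoint` is defined. The enclosing table and the call that closes with `});` begin outside the lines shown.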