comparison mod_http_oauth2/mod_http_oauth2.lua @ 5466:398d936e77fb

mod_http_oauth2: Add support for the OpenID 'login_hint' parameter This allows the client to suggest to the authorization screen which user is trying to login, so they don't have to fill that in twice if they already did so at the client.
author Kim Alvefur <zash@zash.se>
date Wed, 17 May 2023 18:49:22 +0200
parents 66e13e79928b
children 1c78a97a1091
comparison
equal deleted inserted replaced
5465:66e13e79928b 5466:398d936e77fb
705 end 705 end
706 706
707 local auth_state = get_auth_state(request); 707 local auth_state = get_auth_state(request);
708 if not auth_state.user then 708 if not auth_state.user then
709 -- Render login page 709 -- Render login page
710 return render_page(templates.login, { state = auth_state, client = client }); 710 local extra = {};
711 if params.login_hint then
712 extra.username_hint = (jid.prepped_split(params.login_hint));
713 extra.no_username_hint = not extra.username_hint;
714 end
715 return render_page(templates.login, { state = auth_state; client = client; extra = extra });
711 elseif auth_state.consent == nil then 716 elseif auth_state.consent == nil then
712 -- Render consent page 717 -- Render consent page
713 local scopes, roles = split_scopes(requested_scopes); 718 local scopes, roles = split_scopes(requested_scopes);
714 roles = user_assumable_roles(auth_state.user.username, roles); 719 roles = user_assumable_roles(auth_state.user.username, roles);
715 return render_page(templates.consent, { state = auth_state; client = client; scopes = scopes+roles }, true); 720 return render_page(templates.consent, { state = auth_state; client = client; scopes = scopes+roles }, true);