comparison mod_http_oauth2/mod_http_oauth2.lua @ 5201:47576c73eedf

mod_http_oauth2: Strip trailing '/' from issuer URL
author Matthew Wild <mwild1@gmail.com>
date Sat, 04 Mar 2023 13:23:26 +0000
parents afed7d5bd65c
children b81fd0d22c66
comparison
equal deleted inserted replaced
5200:afed7d5bd65c 5201:47576c73eedf
154 local redirect = url.parse(redirect_uri); 154 local redirect = url.parse(redirect_uri);
155 155
156 local query = http.formdecode(redirect.query or ""); 156 local query = http.formdecode(redirect.query or "");
157 if type(query) ~= "table" then query = {}; end 157 if type(query) ~= "table" then query = {}; end
158 table.insert(query, { name = "code", value = code }); 158 table.insert(query, { name = "code", value = code });
159 table.insert(query, { name = "iss", value = module:http_url(nil, "/") }); 159 table.insert(query, { name = "iss", value = module:http_url(nil, "/"):gsub("/$", "") });
160 if params.state then 160 if params.state then
161 table.insert(query, { name = "state", value = params.state }); 161 table.insert(query, { name = "state", value = params.state });
162 end 162 end
163 redirect.query = http.formencode(query); 163 redirect.query = http.formencode(query);
164 164
466 default_path = "/.well-known/oauth-authorization-server"; 466 default_path = "/.well-known/oauth-authorization-server";
467 route = { 467 route = {
468 ["GET"] = { 468 ["GET"] = {
469 headers = { content_type = "application/json" }; 469 headers = { content_type = "application/json" };
470 body = json.encode { 470 body = json.encode {
471 issuer = module:http_url(nil, "/"); 471 issuer = module:http_url(nil, "/"):gsub("/$", "");
472 authorization_endpoint = handle_authorization_request and module:http_url() .. "/authorize" or nil; 472 authorization_endpoint = handle_authorization_request and module:http_url() .. "/authorize" or nil;
473 token_endpoint = handle_token_grant and module:http_url() .. "/token" or nil; 473 token_endpoint = handle_token_grant and module:http_url() .. "/token" or nil;
474 jwks_uri = nil; -- TODO? 474 jwks_uri = nil; -- TODO?
475 registration_endpoint = handle_register_request and module:http_url() .. "/register" or nil; 475 registration_endpoint = handle_register_request and module:http_url() .. "/register" or nil;
476 scopes_supported = { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator" }; 476 scopes_supported = { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator" };