comparison mod_http_oauth2/mod_http_oauth2.lua @ 5189:4ee8eb1134a8
mod_http_oauth2: Add OIDC discovery endpoint (thanks Zash)
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Fri, 03 Mar 2023 11:24:05 +0000 |
parents | 7c531137a553 |
children | 1733f184e2bb |
5188:7c531137a553 | 5189:4ee8eb1134a8 |
---|---|
367 end | 367 end |
368 event.response.headers.content_type = "application/json"; | 368 event.response.headers.content_type = "application/json"; |
369 event.response.status_code = event.error.code or 400; | 369 event.response.status_code = event.error.code or 400; |
370 return json.encode(oauth2_response); | 370 return json.encode(oauth2_response); |
371 end, 5); | 371 end, 5); |
372 | |
373 -- OIDC Discovery | |
374 | |
375 module:provides("http", { | |
376 name = "oauth2-discovery"; | |
377 default_path = "/.well-known/oauth-authorization-server"; | |
378 route = { | |
379 ["GET"] = { | |
380 headers = { content_type = "application/json" }; | |
381 body = json.encode { | |
382 issuer = module:http_url(nil, "/"); | |
383 authorization_endpoint = module:http_url() .. "/authorize"; | |
384 token_endpoint = module:http_url() .. "/token"; | |
385 jwks_uri = nil; -- TODO? | |
386 registration_endpoint = nil; -- TODO | |
387 scopes_supported = { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator" }; | |
388 response_types_supported = { "code"; "token" }; | |
389 }; | |
390 }; | |
391 }; | |
392 }); | |
393 | |
394 module:shared("tokenauth/oauthbearer_config").oidc_discovery_url = module:http_url("oauth2-discovery", "/.well-known/oauth-authorization-server"); |
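Review bot: The `issuer` published in the new GET body is `module:http_url(nil, "/")`, and nothing in this section checks that it is an `https` URL or that it is exactly the string a client would derive from the metadata URL. RFC 8414 requires both, and clients are expected to reject a document whose issuer does not match, which is the defence against authorization-server mix-up. Whether `http_url` can return an `http://` base or a trailing `/` here depends on configuration not visible on this page, so with the issuer held in a local, a guard before `module:provides` such as `if not issuer:match("^https://") then module:log("warn", "OAuth2 issuer %s is not https", issuer) end` would make a misconfiguration visible. Separately, the comment `-- OIDC Discovery` and the `oidc_discovery_url` key describe a document served at the RFC 8414 path `/.well-known/oauth-authorization-server` with `jwks_uri` unset. A more accurate comment would be `-- OAuth 2.0 Authorization Server Metadata (RFC 8414); not a complete OIDC discovery document`.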