Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5189:4ee8eb1134a8
mod_http_oauth2: Add OIDC discovery endpoint (thanks Zash)
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Fri, 03 Mar 2023 11:24:05 +0000 |
| parents | 7c531137a553 |
| children | 1733f184e2bb |
comparison
equal
deleted
inserted
replaced
| 5188:7c531137a553 | 5189:4ee8eb1134a8 |
|---|---|
| 367 end | 367 end |
| 368 event.response.headers.content_type = "application/json"; | 368 event.response.headers.content_type = "application/json"; |
| 369 event.response.status_code = event.error.code or 400; | 369 event.response.status_code = event.error.code or 400; |
| 370 return json.encode(oauth2_response); | 370 return json.encode(oauth2_response); |
| 371 end, 5); | 371 end, 5); |
| 372 | |
| 373 -- OIDC Discovery | |
| 374 | |
| 375 module:provides("http", { | |
| 376 name = "oauth2-discovery"; | |
| 377 default_path = "/.well-known/oauth-authorization-server"; | |
| 378 route = { | |
| 379 ["GET"] = { | |
| 380 headers = { content_type = "application/json" }; | |
| 381 body = json.encode { | |
| 382 issuer = module:http_url(nil, "/"); | |
| 383 authorization_endpoint = module:http_url() .. "/authorize"; | |
| 384 token_endpoint = module:http_url() .. "/token"; | |
| 385 jwks_uri = nil; -- TODO? | |
| 386 registration_endpoint = nil; -- TODO | |
| 387 scopes_supported = { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator" }; | |
| 388 response_types_supported = { "code"; "token" }; | |
| 389 }; | |
| 390 }; | |
| 391 }; | |
| 392 }); | |
| 393 | |
| 394 module:shared("tokenauth/oauthbearer_config").oidc_discovery_url = module:http_url("oauth2-discovery", "/.well-known/oauth-authorization-server"); |