Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5480:5108f63e762b
mod_http_oauth2: Allow CORS for browser clients
Needed for web clients to reach i.e. the token endpoint.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 18 May 2023 14:51:48 +0200 |
parents | 30e2722c9fa3 |
children | 7998b49d6512 |
comparison
equal
deleted
inserted
replaced
5479:30e2722c9fa3 | 5480:5108f63e762b |
---|---|
1023 }; | 1023 }; |
1024 end | 1024 end |
1025 | 1025 |
1026 module:depends("http"); | 1026 module:depends("http"); |
1027 module:provides("http", { | 1027 module:provides("http", { |
1028 cors = { enabled = true; credentials = true }; | |
1028 route = { | 1029 route = { |
1029 -- OAuth 2.0 in 5 simple steps! | 1030 -- OAuth 2.0 in 5 simple steps! |
1030 -- This is the normal 'authorization_code' flow. | 1031 -- This is the normal 'authorization_code' flow. |
1031 | 1032 |
1032 -- Step 1. Create OAuth client | 1033 -- Step 1. Create OAuth client |
1087 -- OIDC Discovery | 1088 -- OIDC Discovery |
1088 | 1089 |
1089 module:provides("http", { | 1090 module:provides("http", { |
1090 name = "oauth2-discovery"; | 1091 name = "oauth2-discovery"; |
1091 default_path = "/.well-known/oauth-authorization-server"; | 1092 default_path = "/.well-known/oauth-authorization-server"; |
1093 cors = { enabled = true }; | |
1092 route = { | 1094 route = { |
1093 ["GET"] = { | 1095 ["GET"] = { |
1094 headers = { content_type = "application/json" }; | 1096 headers = { content_type = "application/json" }; |
1095 body = json.encode { | 1097 body = json.encode { |
1096 -- RFC 8414: OAuth 2.0 Authorization Server Metadata | 1098 -- RFC 8414: OAuth 2.0 Authorization Server Metadata |