Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5385:544b92750a2a
mod_http_oauth2: Advertise supported token endpoint auth methods
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 29 Apr 2023 13:23:30 +0200 |
| parents | b40f29ec391a |
| children | 6f13200c9fc1 |
comparison
equal
deleted
inserted
replaced
| 5384:b40f29ec391a | 5385:544b92750a2a |
|---|---|
| 580 if not params then | 580 if not params then |
| 581 return error_response(event.request, oauth_error("invalid_request")); | 581 return error_response(event.request, oauth_error("invalid_request")); |
| 582 end | 582 end |
| 583 | 583 |
| 584 if credentials and credentials.type == "basic" then | 584 if credentials and credentials.type == "basic" then |
| 585 -- client_secret_basic converted internally to client_secret_post | |
| 585 params.client_id = http.urldecode(credentials.username); | 586 params.client_id = http.urldecode(credentials.username); |
| 586 params.client_secret = http.urldecode(credentials.password); | 587 params.client_secret = http.urldecode(credentials.password); |
| 587 end | 588 end |
| 588 | 589 |
| 589 local grant_type = params.grant_type | 590 local grant_type = params.grant_type |
| 944 token_endpoint = handle_token_grant and module:http_url() .. "/token" or nil; | 945 token_endpoint = handle_token_grant and module:http_url() .. "/token" or nil; |
| 945 jwks_uri = nil; -- TODO? | 946 jwks_uri = nil; -- TODO? |
| 946 registration_endpoint = handle_register_request and module:http_url() .. "/register" or nil; | 947 registration_endpoint = handle_register_request and module:http_url() .. "/register" or nil; |
| 947 scopes_supported = usermanager.get_all_roles and array(it.keys(usermanager.get_all_roles(module.host))):append(array(openid_claims:items())); | 948 scopes_supported = usermanager.get_all_roles and array(it.keys(usermanager.get_all_roles(module.host))):append(array(openid_claims:items())); |
| 948 response_types_supported = array(it.keys(response_type_handlers)); | 949 response_types_supported = array(it.keys(response_type_handlers)); |
| 950 token_endpoint_auth_methods_supported = array({ "client_secret_post"; "client_secret_basic" }); | |
| 949 code_challenge_methods_supported = array(it.keys(verifier_transforms)); | 951 code_challenge_methods_supported = array(it.keys(verifier_transforms)); |
| 950 authorization_response_iss_parameter_supported = true; | 952 authorization_response_iss_parameter_supported = true; |
| 951 | 953 |
| 952 -- OpenID | 954 -- OpenID |
| 953 userinfo_endpoint = handle_register_request and module:http_url() .. "/userinfo" or nil; | 955 userinfo_endpoint = handle_register_request and module:http_url() .. "/userinfo" or nil; |