comparison mod_http_oauth2/mod_http_oauth2.lua @ 5006:5dadbe0718f1

mod_http_oauth2: Update for new new role API
author Matthew Wild <mwild1@gmail.com>
date Thu, 18 Aug 2022 10:36:58 +0100
parents 5ab134b7e510
children 2c6acf2d6fd4
comparison
equal deleted inserted replaced
5005:d68348323406 5006:5dadbe0718f1
20 end 20 end
21 21
22 if requested_scope_string then -- Specific role requested 22 if requested_scope_string then -- Specific role requested
23 -- TODO: The requested scope string is technically a space-delimited list 23 -- TODO: The requested scope string is technically a space-delimited list
24 -- of scopes, but for simplicity we're mapping this slot to role names. 24 -- of scopes, but for simplicity we're mapping this slot to role names.
25 local user_roles = usermanager.get_user_roles(username, module.host); 25 if usermanager.user_can_assume_role(username, module.host, requested_scope_string) then
26 if user_roles[requested_scope_string] then
27 return requested_scope_string; 26 return requested_scope_string;
28 end 27 end
29 end 28 end
30 29
31 return usermanager.get_user_default_role(username, module.host).name; 30 return usermanager.get_user_role(username, module.host).name;
32 end 31 end
33 32
34 local function code_expires_in(code) 33 local function code_expires_in(code)
35 return os.difftime(os.time(), code.issued); 34 return os.difftime(os.time(), code.issued);
36 end 35 end