Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5336:77ac04bd2f65
mod_http_oauth2: Add some debug logging for UserInfo endpoint
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 10 Apr 2023 10:47:51 +0200 |
| parents | 53c6f49dcbb8 |
| children | 8d8e85d6dc91 |
comparison
equal
deleted
inserted
replaced
| 5335:53c6f49dcbb8 | 5336:77ac04bd2f65 |
|---|---|
| 748 | 748 |
| 749 local function handle_userinfo_request(event) | 749 local function handle_userinfo_request(event) |
| 750 local request = event.request; | 750 local request = event.request; |
| 751 local credentials = get_request_credentials(request); | 751 local credentials = get_request_credentials(request); |
| 752 if not credentials or not credentials.bearer_token then | 752 if not credentials or not credentials.bearer_token then |
| 753 module:log("debug", "Missing credentials for UserInfo endpoint: %q", credentials) | |
| 753 return 401; | 754 return 401; |
| 754 end | 755 end |
| 755 local token_info = tokens.get_token_info(credentials.bearer_token); | 756 local token_info,err = tokens.get_token_info(credentials.bearer_token); |
| 756 if not token_info then | 757 if not token_info then |
| 758 module:log("debug", "UserInfo query failed token validation: %s", err) | |
| 757 return 403; | 759 return 403; |
| 758 end | 760 end |
| 759 -- TODO check that they actually have access to the userinfo endpoint, aka | 761 -- TODO check that they actually have access to the userinfo endpoint, aka |
| 760 -- the 'openid' scope. Tokens currently contain the JID in plain text so | 762 -- the 'openid' scope. Tokens currently contain the JID in plain text so |
| 761 -- we're not really returning anything they did not know already. | 763 -- we're not really returning anything they did not know already. |