Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5336:77ac04bd2f65
mod_http_oauth2: Add some debug logging for UserInfo endpoint
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 10 Apr 2023 10:47:51 +0200 |
parents | 53c6f49dcbb8 |
children | 8d8e85d6dc91 |
comparison
equal
deleted
inserted
replaced
5335:53c6f49dcbb8 | 5336:77ac04bd2f65 |
---|---|
748 | 748 |
749 local function handle_userinfo_request(event) | 749 local function handle_userinfo_request(event) |
750 local request = event.request; | 750 local request = event.request; |
751 local credentials = get_request_credentials(request); | 751 local credentials = get_request_credentials(request); |
752 if not credentials or not credentials.bearer_token then | 752 if not credentials or not credentials.bearer_token then |
753 module:log("debug", "Missing credentials for UserInfo endpoint: %q", credentials) | |
753 return 401; | 754 return 401; |
754 end | 755 end |
755 local token_info = tokens.get_token_info(credentials.bearer_token); | 756 local token_info,err = tokens.get_token_info(credentials.bearer_token); |
756 if not token_info then | 757 if not token_info then |
758 module:log("debug", "UserInfo query failed token validation: %s", err) | |
757 return 403; | 759 return 403; |
758 end | 760 end |
759 -- TODO check that they actually have access to the userinfo endpoint, aka | 761 -- TODO check that they actually have access to the userinfo endpoint, aka |
760 -- the 'openid' scope. Tokens currently contain the JID in plain text so | 762 -- the 'openid' scope. Tokens currently contain the JID in plain text so |
761 -- we're not really returning anything they did not know already. | 763 -- we're not really returning anything they did not know already. |