comparison mod_http_oauth2/mod_http_oauth2.lua @ 5495:7998b49d6512

mod_http_oauth2: Create proper template for OOB code delivery. This also improves security by reusing the security and cache headers, where mod_http_errors/http-message doesn't add such headers. Colors selected by rotating the error colors, rrggbb -> ggbbrr
author Kim Alvefur <zash@zash.se>
date Wed, 31 May 2023 03:44:04 +0200
parents 5108f63e762b
children 57ce8c4017e7
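--- a/mod_http_oauth2/mod_http_oauth2.lua
+++ b/mod_http_oauth2/mod_http_oauth2.lua
@@ -43,10 +43,11 @@
 
 local template_path = module:get_option_path("oauth2_template_path", "html");
 local templates = {
 login = read_file(template_path, "login.html", true);
 consent = read_file(template_path, "consent.html", true);
+oob = read_file(template_path, "oob.html", true);
 error = read_file(template_path, "error.html", true);
 css = read_file(template_path, "style.css");
 js = read_file(template_path, "script.js");
 };
 
@@ -326,21 +327,11 @@
 return oauth_error("temporarily_unavailable");
 end
 
 local redirect_uri = get_redirect_uri(client, params.redirect_uri);
 if redirect_uri == oob_uri then
--- TODO some nicer template page
--- mod_http_errors will set content-type to text/html if it catches this
--- event, if not text/plain is kept for the fallback text.
-local response = { status_code = 200; headers = { content_type = "text/plain" } }
-response.body = module:context("*"):fire_event("http-message", {
-response = response;
-title = "Your authorization code";
-message = "Here's your authorization code, copy and paste it into " .. (client.client_name or "your client");
-extra = code;
-}) or ("Here's your authorization code:\n%s\n"):format(code);
-return response;
+return render_page(templates.oob, { client = client; authorization_code = code }, true);
 elseif not redirect_uri then
 return oauth_error("invalid_redirect_uri");
 end
 
 local redirect = url.parse(redirect_uri);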
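Review bot: The new `render_page(templates.oob, { client = client; authorization_code = code }, true)` call in the `oob_uri` branch passes the whole `client` record to the template, so whether fields such as `client.client_name` (visible in the removed lines, and presumably supplied at client registration) are HTML-escaped now depends entirely on `oob.html` and the template renderer, neither of which is shown in this section. The trailing `true` is also opaque at the call site; if it is what selects the stricter cache headers the description mentions, a short comment would keep it from being dropped later, e.g. `-- third argument marks the page as sensitive: the authorization code must not be cached`. Separately, `oob = read_file(template_path, "oob.html", true)` appears to make the file mandatory like `login.html`, so a deployment whose custom `oauth2_template_path` predates this change would need an `oob.html` added; that is worth a line in the upgrade notes. The enclosing function starts and ends outside the hunk.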