comparison mod_http_oauth2/mod_http_oauth2.lua @ 3919:8ed261a08a9c

mod_http_oauth2: Allow creation of full JID tokens
author Kim Alvefur <zash@zash.se>
date Thu, 27 Feb 2020 23:14:24 +0100
parents dea6bea2ddd3
children cf92e3b30c18
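--- a/mod_http_oauth2/mod_http_oauth2.lua
+++ b/mod_http_oauth2/mod_http_oauth2.lua
@@ -29,19 +29,19 @@
 local grant_type_handlers = {};
 
 function grant_type_handlers.password(params)
 local request_jid = assert(params.username, oauth_error("invalid_request", "missing 'username' (JID)"));
 local request_password = assert(params.password, oauth_error("invalid_request", "missing 'password'"));
-local request_username, request_host = jid.prepped_split(request_jid);
+local request_username, request_host, request_resource = jid.prepped_split(request_jid);
 if params.scope then
 return oauth_error("invalid_scope", "unknown scope requested");
 end
 if not (request_username and request_host) or request_host ~= module.host then
 return oauth_error("invalid_request", "invalid JID");
 end
 if usermanager.test_password(request_username, request_host, request_password) then
-local granted_jid = jid.join(request_username, request_host);
+local granted_jid = jid.join(request_username, request_host, request_resource);
 return json.encode(new_access_token(granted_jid, request_host, nil, nil));
 end
 return oauth_error("invalid_grant", "incorrect credentials");
 end
 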
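Review bot: The `granted_jid` built on new line 42 can now be a full JID whose resource comes straight from the client-supplied `username`, and nothing in `grant_type_handlers.password` records that for whoever consumes the token. `new_access_token` and the code that later validates tokens are not visible here, so it is worth confirming that any authorization check compares on the bare JID rather than on string equality with the stored JID, and that a client-chosen resource cannot collide with an existing session in a way that matters. I would add a comment above the join such as `-- granted_jid is a full JID when the client supplied a resource; consumers must authorize on the bare JID`. The password check itself still uses only `request_username` and `request_host`, which is correct.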