Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 3919:8ed261a08a9c
mod_http_oauth2: Allow creation of full JID tokens
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 27 Feb 2020 23:14:24 +0100 |
parents | dea6bea2ddd3 |
children | cf92e3b30c18 |
comparison
equal
deleted
inserted
replaced
3918:dea6bea2ddd3 | 3919:8ed261a08a9c |
---|---|
29 local grant_type_handlers = {}; | 29 local grant_type_handlers = {}; |
30 | 30 |
31 function grant_type_handlers.password(params) | 31 function grant_type_handlers.password(params) |
32 local request_jid = assert(params.username, oauth_error("invalid_request", "missing 'username' (JID)")); | 32 local request_jid = assert(params.username, oauth_error("invalid_request", "missing 'username' (JID)")); |
33 local request_password = assert(params.password, oauth_error("invalid_request", "missing 'password'")); | 33 local request_password = assert(params.password, oauth_error("invalid_request", "missing 'password'")); |
34 local request_username, request_host = jid.prepped_split(request_jid); | 34 local request_username, request_host, request_resource = jid.prepped_split(request_jid); |
35 if params.scope then | 35 if params.scope then |
36 return oauth_error("invalid_scope", "unknown scope requested"); | 36 return oauth_error("invalid_scope", "unknown scope requested"); |
37 end | 37 end |
38 if not (request_username and request_host) or request_host ~= module.host then | 38 if not (request_username and request_host) or request_host ~= module.host then |
39 return oauth_error("invalid_request", "invalid JID"); | 39 return oauth_error("invalid_request", "invalid JID"); |
40 end | 40 end |
41 if usermanager.test_password(request_username, request_host, request_password) then | 41 if usermanager.test_password(request_username, request_host, request_password) then |
42 local granted_jid = jid.join(request_username, request_host); | 42 local granted_jid = jid.join(request_username, request_host, request_resource); |
43 return json.encode(new_access_token(granted_jid, request_host, nil, nil)); | 43 return json.encode(new_access_token(granted_jid, request_host, nil, nil)); |
44 end | 44 end |
45 return oauth_error("invalid_grant", "incorrect credentials"); | 45 return oauth_error("invalid_grant", "incorrect credentials"); |
46 end | 46 end |
47 | 47 |