Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5230:ac252db71027
mod_http_oauth2: Log flows enabled and disabled
If a developer ever wants to be sure what the state is
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 10 Mar 2023 12:01:52 +0100 |
parents | c24a622a7b85 |
children | bef543068077 |
comparison
equal
deleted
inserted
replaced
5229:c24a622a7b85 | 5230:ac252db71027 |
---|---|
443 end | 443 end |
444 | 444 |
445 local allowed_grant_type_handlers = module:get_option_set("allowed_oauth2_grant_types", {"authorization_code", "password"}) | 445 local allowed_grant_type_handlers = module:get_option_set("allowed_oauth2_grant_types", {"authorization_code", "password"}) |
446 for handler_type in pairs(grant_type_handlers) do | 446 for handler_type in pairs(grant_type_handlers) do |
447 if not allowed_grant_type_handlers:contains(handler_type) then | 447 if not allowed_grant_type_handlers:contains(handler_type) then |
448 module:log("debug", "Grant type %q disabled", handler_type); | |
448 grant_type_handlers[handler_type] = nil; | 449 grant_type_handlers[handler_type] = nil; |
450 else | |
451 module:log("debug", "Grant type %q enabled", handler_type); | |
449 end | 452 end |
450 end | 453 end |
451 | 454 |
452 -- "token" aka implicit flow is considered insecure | 455 -- "token" aka implicit flow is considered insecure |
453 local allowed_response_type_handlers = module:get_option_set("allowed_oauth2_response_types", {"code"}) | 456 local allowed_response_type_handlers = module:get_option_set("allowed_oauth2_response_types", {"code"}) |
454 for handler_type in pairs(response_type_handlers) do | 457 for handler_type in pairs(response_type_handlers) do |
455 if not allowed_response_type_handlers:contains(handler_type) then | 458 if not allowed_response_type_handlers:contains(handler_type) then |
459 module:log("debug", "Response type %q disabled", handler_type); | |
456 grant_type_handlers[handler_type] = nil; | 460 grant_type_handlers[handler_type] = nil; |
461 else | |
462 module:log("debug", "Response type %q enabled", handler_type); | |
457 end | 463 end |
458 end | 464 end |
459 | 465 |
460 function handle_token_grant(event) | 466 function handle_token_grant(event) |
461 local credentials = get_request_credentials(event.request); | 467 local credentials = get_request_credentials(event.request); |