Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5203:c60cff787d6a
mod_http_oauth2: Return actually enabled response types in discovery
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 04 Mar 2023 21:24:35 +0100 |
| parents | b81fd0d22c66 |
| children | eb8b3a068ecc |
comparison
equal
deleted
inserted
replaced
| 5202:b81fd0d22c66 | 5203:c60cff787d6a |
|---|---|
| 9 local uuid = require "util.uuid"; | 9 local uuid = require "util.uuid"; |
| 10 local encodings = require "util.encodings"; | 10 local encodings = require "util.encodings"; |
| 11 local base64 = encodings.base64; | 11 local base64 = encodings.base64; |
| 12 local schema = require "util.jsonschema"; | 12 local schema = require "util.jsonschema"; |
| 13 local jwt = require"util.jwt"; | 13 local jwt = require"util.jwt"; |
| 14 local it = require "util.iterators"; | |
| 15 local array = require "util.array"; | |
| 14 | 16 |
| 15 local tokens = module:depends("tokenauth"); | 17 local tokens = module:depends("tokenauth"); |
| 16 | 18 |
| 17 -- Used to derive client_secret from client_id, set to enable stateless dynamic registration. | 19 -- Used to derive client_secret from client_id, set to enable stateless dynamic registration. |
| 18 local registration_key = module:get_option_string("oauth2_registration_key"); | 20 local registration_key = module:get_option_string("oauth2_registration_key"); |
| 475 authorization_endpoint = handle_authorization_request and module:http_url() .. "/authorize" or nil; | 477 authorization_endpoint = handle_authorization_request and module:http_url() .. "/authorize" or nil; |
| 476 token_endpoint = handle_token_grant and module:http_url() .. "/token" or nil; | 478 token_endpoint = handle_token_grant and module:http_url() .. "/token" or nil; |
| 477 jwks_uri = nil; -- TODO? | 479 jwks_uri = nil; -- TODO? |
| 478 registration_endpoint = handle_register_request and module:http_url() .. "/register" or nil; | 480 registration_endpoint = handle_register_request and module:http_url() .. "/register" or nil; |
| 479 scopes_supported = { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator" }; | 481 scopes_supported = { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator" }; |
| 480 response_types_supported = { "code"; "token" }; -- TODO derive from active config | 482 response_types_supported = array(it.keys(response_type_handlers)); |
| 481 authorization_response_iss_parameter_supported = true; | 483 authorization_response_iss_parameter_supported = true; |
| 482 }; | 484 }; |
| 483 }; | 485 }; |
| 484 }; | 486 }; |
| 485 }); | 487 }); |