Mercurial > prosody-modules
diff mod_http_oauth2/mod_http_oauth2.lua @ 5495:7998b49d6512
mod_http_oauth2: Create proper template for OOB code delivery
This also improves security by reusing the security and cache headers,
where mod_http_errors/http-message doesn't add such headers.
Colors selected by taking rotating the error colors, rrggbb -> ggbbrr
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 31 May 2023 03:44:04 +0200 |
| parents | 5108f63e762b |
| children | 57ce8c4017e7 |
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua Fri May 26 15:49:39 2023 +0200 +++ b/mod_http_oauth2/mod_http_oauth2.lua Wed May 31 03:44:04 2023 +0200 @@ -45,6 +45,7 @@ local templates = { login = read_file(template_path, "login.html", true); consent = read_file(template_path, "consent.html", true); + oob = read_file(template_path, "oob.html", true); error = read_file(template_path, "error.html", true); css = read_file(template_path, "style.css"); js = read_file(template_path, "script.js"); @@ -328,17 +329,7 @@ local redirect_uri = get_redirect_uri(client, params.redirect_uri); if redirect_uri == oob_uri then - -- TODO some nicer template page - -- mod_http_errors will set content-type to text/html if it catches this - -- event, if not text/plain is kept for the fallback text. - local response = { status_code = 200; headers = { content_type = "text/plain" } } - response.body = module:context("*"):fire_event("http-message", { - response = response; - title = "Your authorization code"; - message = "Here's your authorization code, copy and paste it into " .. (client.client_name or "your client"); - extra = code; - }) or ("Here's your authorization code:\n%s\n"):format(code); - return response; + return render_page(templates.oob, { client = client; authorization_code = code }, true); elseif not redirect_uri then return oauth_error("invalid_redirect_uri"); end