# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1683483858 -7200
# Node ID 07e166b34c4ccf70206b9c50e55c40de85e48620
# Parent  d69c10327d6d7f5c8474362bb5c6e16f0b99afae
mod_http_oauth2: Simplify code with the power of first class functions

Selected / primary role is the first assumable role

diff -r d69c10327d6d -r 07e166b34c4c mod_http_oauth2/mod_http_oauth2.lua
--- a/mod_http_oauth2/mod_http_oauth2.lua	Sun May 07 19:11:20 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Sun May 07 20:24:18 2023 +0200
@@ -126,33 +126,13 @@
 	return array.filter(requested_roles, role_assumable_by(username));
 end
 
-local function select_role(username, requested_roles)
-	if requested_roles then
-		for _, requested_role in ipairs(requested_roles) do
-			if can_assume_role(username, requested_role) then
-				return requested_role;
-			end
-		end
-	end
-	-- otherwise no role
-end
-
 local function filter_scopes(username, requested_scope_string)
-	local granted_scopes, requested_roles;
+	local requested_scopes, requested_roles = split_scopes(parse_scopes(requested_scope_string or ""));
 
-	if requested_scope_string then -- Specific role(s) requested
-		granted_scopes, requested_roles = split_scopes(parse_scopes(requested_scope_string));
-	else
-		granted_scopes = array();
-	end
+	local granted_roles = user_assumable_roles(username, requested_roles);
+	local granted_scopes = requested_scopes + granted_roles;
 
-	if requested_roles then
-		granted_scopes:append(array.filter(requested_roles, function(role)
-			return can_assume_role(username, role)
-		end));
-	end
-
-	local selected_role = select_role(username, requested_roles);
+	local selected_role = granted_roles[1];
 
 	return granted_scopes:concat(" "), selected_role;
 end