# HG changeset patch # User Kim Alvefur # Date 1679431502 -3600 # Node ID 381c62ef52aa6bf0ecaff138cb1234b424f64ea5 # Parent e73f364b56245f830c88db32daa8c8e2b085bf38 mod_http_oauth2: Group metadata section into OAuth and OpenID Could easily be confusing otherwise if you're reading one spec and see properties not defined there. diff -r e73f364b5624 -r 381c62ef52aa mod_http_oauth2/mod_http_oauth2.lua --- a/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 21 21:36:54 2023 +0100 +++ b/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 21 21:45:02 2023 +0100 @@ -792,16 +792,19 @@ ["GET"] = { headers = { content_type = "application/json" }; body = json.encode { + -- RFC 8414: OAuth 2.0 Authorization Server Metadata issuer = get_issuer(); authorization_endpoint = handle_authorization_request and module:http_url() .. "/authorize" or nil; token_endpoint = handle_token_grant and module:http_url() .. "/token" or nil; jwks_uri = nil; -- TODO? - userinfo_endpoint = handle_register_request and module:http_url() .. "/userinfo" or nil; registration_endpoint = handle_register_request and module:http_url() .. "/register" or nil; scopes_supported = usermanager.get_all_roles and array(it.keys(usermanager.get_all_roles(module.host))):push("openid") or { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator"; "openid" }; response_types_supported = array(it.keys(response_type_handlers)); authorization_response_iss_parameter_supported = true; + + -- OpenID + userinfo_endpoint = handle_register_request and module:http_url() .. "/userinfo" or nil; }; }; };