# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1684342162 -7200
# Node ID 398d936e77fbd05c6ad2379070f195f9ff9272d2
# Parent  66e13e79928b9b4842d2bf4bccb54b40bc314f12
mod_http_oauth2: Add support for the OpenID 'login_hint' parameter

This allows the client to suggest to the authorization screen which user
is trying to login, so they don't have to fill that in twice if they
already did so at the client.

diff -r 66e13e79928b -r 398d936e77fb mod_http_oauth2/html/login.html
--- a/mod_http_oauth2/html/login.html	Wed May 17 17:56:56 2023 +0200
+++ b/mod_http_oauth2/html/login.html	Wed May 17 18:49:22 2023 +0200
@@ -16,8 +16,8 @@
 		<p>{state.error}</p>
 	</div>}
 	<form method="post">
-		<input type="text" name="username" placeholder="Username" aria-label="Username" required autofocus><br/>
-		<input type="password" name="password" placeholder="Password" aria-label="Password" autocomplete="current-password" required><br/>
+		<input type="text" name="username" placeholder="Username" aria-label="Username" required {extra.no_username_hint&autofocus}{extra.username_hint& value="{extra.username_hint?}"}><br/>
+		<input type="password" name="password" placeholder="Password" aria-label="Password" autocomplete="current-password" required {extra.username_hint&autofocus}><br/>
 		<input type="submit" value="Sign in">
 	</form>
 	</fieldset>
diff -r 66e13e79928b -r 398d936e77fb mod_http_oauth2/mod_http_oauth2.lua
--- a/mod_http_oauth2/mod_http_oauth2.lua	Wed May 17 17:56:56 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Wed May 17 18:49:22 2023 +0200
@@ -707,7 +707,12 @@
 	local auth_state = get_auth_state(request);
 	if not auth_state.user then
 		-- Render login page
-		return render_page(templates.login, { state = auth_state, client = client });
+		local extra = {};
+		if params.login_hint then
+			extra.username_hint = (jid.prepped_split(params.login_hint));
+			extra.no_username_hint = not extra.username_hint;
+		end
+		return render_page(templates.login, { state = auth_state; client = client; extra = extra });
 	elseif auth_state.consent == nil then
 		-- Render consent page
 		local scopes, roles = split_scopes(requested_scopes);