# HG changeset patch # User Kim Alvefur # Date 1683569563 -7200 # Node ID b3e7886fea6a745b002dade9142113018e625e2d # Parent 92ad8f03f225650c351ca5fd16a7e1762dcbec5e mod_auth_oauth_external: Add setting for client_secret Whether this is needed may vary by OAuth provider. Mastodon for example requires it. diff -r 92ad8f03f225 -r b3e7886fea6a mod_auth_oauth_external/README.md --- a/mod_auth_oauth_external/README.md Mon May 08 20:01:34 2023 +0200 +++ b/mod_auth_oauth_external/README.md Mon May 08 20:12:43 2023 +0200 @@ -74,6 +74,10 @@ : String. Client ID used to identify Prosody during the resource owner password grant. +`oauth_external_client_secret` +: String. Client secret used to identify Prosody during the resource + owner password grant. + # Compatibility ## Prosody diff -r 92ad8f03f225 -r b3e7886fea6a mod_auth_oauth_external/mod_auth_oauth_external.lua --- a/mod_auth_oauth_external/mod_auth_oauth_external.lua Mon May 08 20:01:34 2023 +0200 +++ b/mod_auth_oauth_external/mod_auth_oauth_external.lua Mon May 08 20:12:43 2023 +0200 @@ -16,7 +16,7 @@ -- XXX Hold up, does whatever done here even need any of these things? Are we -- the OAuth client? Is the XMPP client the OAuth client? What are we??? local client_id = module:get_option_string("oauth_external_client_id"); --- TODO -- local client_secret = module:get_option_string("oauth_external_client_secret"); +local client_secret = module:get_option_string("oauth_external_client_secret"); --[[ More or less required endpoints digraph "oauth endpoints" { @@ -41,6 +41,7 @@ body = http.formencode({ grant_type = "password"; client_id = client_id; + client_secret = client_secret; username = map_username(username, realm); password = password; scope = "openid";