# HG changeset patch # User Kim Alvefur # Date 1679431014 -3600 # Node ID e73f364b56245f830c88db32daa8c8e2b085bf38 # Parent 6526b670e66d44fe0400cb704f755be648e92ca9 mod_http_oauth2: Rename oauth client credential related functions To make it more explicit what "secret" these deal with. diff -r 6526b670e66d -r e73f364b5624 mod_http_oauth2/mod_http_oauth2.lua --- a/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 21 15:26:03 2023 +0000 +++ b/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 21 21:36:54 2023 +0100 @@ -284,12 +284,12 @@ } end -local function make_secret(client_id) --> client_secret +local function make_client_secret(client_id) --> client_secret return hashes.hmac_sha256(verification_key, client_id, true); end -local function verify_secret(client_id, client_secret) - return hashes.equals(make_secret(client_id), client_secret); +local function verify_client_secret(client_id, client_secret) + return hashes.equals(make_client_secret(client_id), client_secret); end function grant_type_handlers.authorization_code(params) @@ -305,7 +305,7 @@ return oauth_error("invalid_client", "incorrect credentials"); end - if not verify_secret(params.client_id, params.client_secret) then + if not verify_client_secret(params.client_id, params.client_secret) then module:log("debug", "client_secret mismatch"); return oauth_error("invalid_client", "incorrect credentials"); end @@ -552,7 +552,7 @@ end local user_jid = jid.join(auth_state.user.username, module.host); - local client_secret = make_secret(params.client_id); + local client_secret = make_client_secret(params.client_id); local id_token_signer = jwt.new_signer("HS256", client_secret); local id_token = id_token_signer({ iss = get_issuer(); @@ -675,7 +675,7 @@ -- Do we want to keep everything? local client_id = jwt_sign(client_metadata); - local client_secret = make_secret(client_id); + local client_secret = make_client_secret(client_id); client_metadata.client_id = client_id; client_metadata.client_secret = client_secret;