changeset 5189:4ee8eb1134a8
mod_http_oauth2: Add OIDC discovery endpoint (thanks Zash)
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Fri, 03 Mar 2023 11:24:05 +0000 |
parents | 7c531137a553 |
children | 1733f184e2bb |
files | mod_http_oauth2/mod_http_oauth2.lua |
diffstat | 1 files changed, 23 insertions(+), 0 deletions(-) [+] |
--- a/mod_http_oauth2/mod_http_oauth2.lua Thu Mar 02 23:59:09 2023 +0100
+++ b/mod_http_oauth2/mod_http_oauth2.lua Fri Mar 03 11:24:05 2023 +0000
@@ -369,3 +369,26 @@
 event.response.status_code = event.error.code or 400;
 return json.encode(oauth2_response);
 end, 5);
+
+-- OIDC Discovery
+
+module:provides("http", {
+ name = "oauth2-discovery";
+ default_path = "/.well-known/oauth-authorization-server";
+ route = {
+ ["GET"] = {
+ headers = { content_type = "application/json" };
+ body = json.encode {
+ issuer = module:http_url(nil, "/");
+ authorization_endpoint = module:http_url() .. "/authorize";
+ token_endpoint = module:http_url() .. "/token";
+ jwks_uri = nil; -- TODO?
+ registration_endpoint = nil; -- TODO
+ scopes_supported = { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator" };
+ response_types_supported = { "code"; "token" };
+ };
+ };
+ };
+});
+
+module:shared("tokenauth/oauthbearer_config").oidc_discovery_url = module:http_url("oauth2-discovery", "/.well-known/oauth-authorization-server");
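Review bot: The `issuer` field and the published discovery URL come from two independent calls, `module:http_url(nil, "/")` and `module:http_url("oauth2-discovery", "/.well-known/oauth-authorization-server")`, and nothing in the hunk keeps them in step. RFC 8414 section 3.3 tells a client to discard metadata whose `issuer` is not exactly the identifier the well-known URL was derived from, and that comparison is what lets a client detect metadata served for a different authorization server. If the two app paths can be configured separately (not visible here), a remapped deployment would fail the check in strict clients. I would derive both values from one base, or at least record the invariant above the table: `-- issuer must be the identifier that oidc_discovery_url is derived from (RFC 8414 section 3.3)`. The key is also named `oidc_discovery_url` although the document has no OpenID Connect provider fields (`jwks_uri` is still nil), so a comment such as `-- OAuth 2.0 server metadata (RFC 8414), not an OIDC provider document` would spare consumers a wrong assumption.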