Mercurial > prosody-modules
changeset 5435:b3e7886fea6a
mod_auth_oauth_external: Add setting for client_secret
Whether this is needed may vary by OAuth provider. Mastodon for example
requires it.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 08 May 2023 20:12:43 +0200 |
| parents | 92ad8f03f225 |
| children | e7d99bacd0e8 |
| files | mod_auth_oauth_external/README.md mod_auth_oauth_external/mod_auth_oauth_external.lua |
| diffstat | 2 files changed, 6 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_auth_oauth_external/README.md Mon May 08 20:01:34 2023 +0200 +++ b/mod_auth_oauth_external/README.md Mon May 08 20:12:43 2023 +0200 @@ -74,6 +74,10 @@ : String. Client ID used to identify Prosody during the resource owner password grant. +`oauth_external_client_secret` +: String. Client secret used to identify Prosody during the resource + owner password grant. + # Compatibility ## Prosody
--- a/mod_auth_oauth_external/mod_auth_oauth_external.lua Mon May 08 20:01:34 2023 +0200 +++ b/mod_auth_oauth_external/mod_auth_oauth_external.lua Mon May 08 20:12:43 2023 +0200 @@ -16,7 +16,7 @@ -- XXX Hold up, does whatever done here even need any of these things? Are we -- the OAuth client? Is the XMPP client the OAuth client? What are we??? local client_id = module:get_option_string("oauth_external_client_id"); --- TODO -- local client_secret = module:get_option_string("oauth_external_client_secret"); +local client_secret = module:get_option_string("oauth_external_client_secret"); --[[ More or less required endpoints digraph "oauth endpoints" { @@ -41,6 +41,7 @@ body = http.formencode({ grant_type = "password"; client_id = client_id; + client_secret = client_secret; username = map_username(username, realm); password = password; scope = "openid";