changeset 5435:b3e7886fea6a

mod_auth_oauth_external: Add setting for client_secret Whether this is needed may vary by OAuth provider. Mastodon for example requires it.
author Kim Alvefur <zash@zash.se>
date Mon, 08 May 2023 20:12:43 +0200
parents 92ad8f03f225
children e7d99bacd0e8
files mod_auth_oauth_external/README.md mod_auth_oauth_external/mod_auth_oauth_external.lua
diffstat 2 files changed, 6 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/mod_auth_oauth_external/README.md	Mon May 08 20:01:34 2023 +0200
+++ b/mod_auth_oauth_external/README.md	Mon May 08 20:12:43 2023 +0200
@@ -74,6 +74,10 @@
 :   String. Client ID used to identify Prosody during the resource owner
     password grant.
 
+`oauth_external_client_secret`
+:   String. Client secret used to identify Prosody during the resource
+    owner password grant.
+
 # Compatibility
 
 ## Prosody
--- a/mod_auth_oauth_external/mod_auth_oauth_external.lua	Mon May 08 20:01:34 2023 +0200
+++ b/mod_auth_oauth_external/mod_auth_oauth_external.lua	Mon May 08 20:12:43 2023 +0200
@@ -16,7 +16,7 @@
 -- XXX Hold up, does whatever done here even need any of these things? Are we
 -- the OAuth client? Is the XMPP client the OAuth client? What are we???
 local client_id = module:get_option_string("oauth_external_client_id");
--- TODO -- local client_secret = module:get_option_string("oauth_external_client_secret");
+local client_secret = module:get_option_string("oauth_external_client_secret");
 
 --[[ More or less required endpoints
 digraph "oauth endpoints" {
@@ -41,6 +41,7 @@
 				body = http.formencode({
 					grant_type = "password";
 					client_id = client_id;
+					client_secret = client_secret;
 					username = map_username(username, realm);
 					password = password;
 					scope = "openid";