--- a/mod_auth_oauthbearer/mod_auth_oauthbearer.lua	Wed Jun 13 17:09:49 2018 +0000
+++ b/mod_auth_oauthbearer/mod_auth_oauthbearer.lua	Thu Jun 14 09:11:03 2018 +0000
@@ -29,10 +29,8 @@
 	return (s:gsub('(%b{})', function(w) return tab[w:sub(3, -3)] or w end))
 end
 
-function provider.test_password(sasl, username, password, realm)
+function provider.test_password(username, password, realm)
 	log("debug", "Testing signed OAuth2 for user %s at realm %s", username, realm);
-	-- TODO: determine, based on the "realm" which OAuth provider to verify with.
-	module:log("debug", "sync_http_auth()");
 	local https = require "ssl.https";
 	local url = interp(oauth_url, {oauth_client_id = oauth_client_id, password = password});
 	
@@ -45,12 +43,12 @@
 	};
 	if type(code) == "number" and code >= 200 and code <= 299 then
 		module:log("debug", "OAuth provider confirmed valid password");
-		return 'johnny', true;
+		return true;
 	else
-		module:log("warn", "OAuth provider returned status code: "..code);
+		module:log("debug", "OAuth provider returned status code: "..code);
 	end
-	module:log("warn", "OAuth failed. Invalid username or password.");
-	return nil, false;
+	module:log("warn", "Auth failed. Invalid username/password or misconfiguration.");
+	return nil;
 end
 
 function provider.users()
@@ -78,10 +76,9 @@
 function provider.get_sasl_handler()
 	local supported_mechanisms = {};
 	supported_mechanisms["OAUTHBEARER"] = true;
-
 	return new_sasl(host, {
 		oauthbearer = function(sasl, username, password, realm)
-			return provider.test_password(sasl, username, password, realm);
+			return provider.test_password(username, password, realm), true;
 		end,
         mechanisms = supported_mechanisms
 	});