Annotate

.luacheckrc @ 5193:2bb29ece216b

mod_http_oauth2: Implement stateless dynamic client registration Replaces previous explicit registration that required either the additional module mod_adhoc_oauth2_client or manually editing the database. That method was enough to have something to test with, but would not probably not scale easily. Dynamic client registration allows creating clients on the fly, which may be even easier in theory. In order to not allow basically unauthenticated writes to the database, we implement a stateless model here. per_host_key := HMAC(config -> oauth2_registration_key, hostname) client_id := JWT { client metadata } signed with per_host_key client_secret := HMAC(per_host_key, client_id) This should ensure everything we need to know is part of the client_id, allowing redirects etc to be validated, and the client_secret can be validated with only the client_id and the per_host_key. A nonce injected into the client_id JWT should ensure nobody can submit the same client metadata and retrieve the same client_secret
author Kim Alvefur <zash@zash.se>
date Fri, 03 Mar 2023 21:14:19 +0100
parent 5003:e840aadebb61
child 5300:fa97de0b0961
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1998
7c16e0199a06 Import and adapt .luacheckrc from Prosody 0.10
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 cache = true
4971
bc78424968b2 luacheck: Update with changes from Prosody 0.12
Kim Alvefur <zash@zash.se>
parents: 4757
diff changeset
2 codes = true
2904
788f3616e6a0 luacheckrc: Rearrange options to be closer to the order used in main prosody repo
Kim Alvefur <zash@zash.se>
parents: 2888
diff changeset
3 allow_defined_top = true
3523
68beaf7fd7d6 luacheckrc: Copy line length setting from prosody
Kim Alvefur <zash@zash.se>
parents: 3422
diff changeset
4 max_line_length = 150
2904
788f3616e6a0 luacheckrc: Rearrange options to be closer to the order used in main prosody repo
Kim Alvefur <zash@zash.se>
parents: 2888
diff changeset
5 ignore = { "411/err", "421/err", "411/ok", "421/ok", "211/_ENV" };
2597
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
6 read_globals = {
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
7 "prosody",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
8 "import",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
9
2598
d9022fe9749c luacheckrc: List module instance fields
Kim Alvefur <zash@zash.se>
parents: 2597
diff changeset
10 -- Module instance
d9022fe9749c luacheckrc: List module instance fields
Kim Alvefur <zash@zash.se>
parents: 2597
diff changeset
11 "module.name",
d9022fe9749c luacheckrc: List module instance fields
Kim Alvefur <zash@zash.se>
parents: 2597
diff changeset
12 "module.host",
d9022fe9749c luacheckrc: List module instance fields
Kim Alvefur <zash@zash.se>
parents: 2597
diff changeset
13 "module._log",
d9022fe9749c luacheckrc: List module instance fields
Kim Alvefur <zash@zash.se>
parents: 2597
diff changeset
14 "module.event_handlers",
d9022fe9749c luacheckrc: List module instance fields
Kim Alvefur <zash@zash.se>
parents: 2597
diff changeset
15 "module.reloading",
d9022fe9749c luacheckrc: List module instance fields
Kim Alvefur <zash@zash.se>
parents: 2597
diff changeset
16 "module.saved_state",
2603
095f7f8ec545 luacheckrc: More module API fields
Kim Alvefur <zash@zash.se>
parents: 2598
diff changeset
17 "module.global",
095f7f8ec545 luacheckrc: More module API fields
Kim Alvefur <zash@zash.se>
parents: 2598
diff changeset
18 "module.path",
4971
bc78424968b2 luacheck: Update with changes from Prosody 0.12
Kim Alvefur <zash@zash.se>
parents: 4757
diff changeset
19 "module.items",
2598
d9022fe9749c luacheckrc: List module instance fields
Kim Alvefur <zash@zash.se>
parents: 2597
diff changeset
20
2597
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
21 -- Module API
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
22 "module.add_extension",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
23 "module.add_feature",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
24 "module.add_identity",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
25 "module.add_item",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
26 "module.add_timer",
4971
bc78424968b2 luacheck: Update with changes from Prosody 0.12
Kim Alvefur <zash@zash.se>
parents: 4757
diff changeset
27 "module.weekly",
bc78424968b2 luacheck: Update with changes from Prosody 0.12
Kim Alvefur <zash@zash.se>
parents: 4757
diff changeset
28 "module.daily",
bc78424968b2 luacheck: Update with changes from Prosody 0.12
Kim Alvefur <zash@zash.se>
parents: 4757
diff changeset
29 "module.hourly",
2597
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
30 "module.broadcast",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
31 "module.context",
5003
e840aadebb61 .luacheckrc: Update for module:may() & co.
Matthew Wild <mwild1@gmail.com>
parents: 4971
diff changeset
32 "module.default_permission",
e840aadebb61 .luacheckrc: Update for module:may() & co.
Matthew Wild <mwild1@gmail.com>
parents: 4971
diff changeset
33 "module.default_permissions",
2597
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
34 "module.depends",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
35 "module.fire_event",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
36 "module.get_directory",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
37 "module.get_host",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
38 "module.get_host_items",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
39 "module.get_host_type",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
40 "module.get_name",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
41 "module.get_option",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
42 "module.get_option_array",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
43 "module.get_option_boolean",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
44 "module.get_option_inherited_set",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
45 "module.get_option_number",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
46 "module.get_option_path",
4971
bc78424968b2 luacheck: Update with changes from Prosody 0.12
Kim Alvefur <zash@zash.se>
parents: 4757
diff changeset
47 "module.get_option_scalar",
2597
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
48 "module.get_option_set",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
49 "module.get_option_string",
3524
a7a751e57f32 luacheckrc: Update API method list from prosody
Kim Alvefur <zash@zash.se>
parents: 3523
diff changeset
50 "module.get_status",
2597
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
51 "module.handle_items",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
52 "module.hook",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
53 "module.hook_global",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
54 "module.hook_object_event",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
55 "module.hook_tag",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
56 "module.load_resource",
3524
a7a751e57f32 luacheckrc: Update API method list from prosody
Kim Alvefur <zash@zash.se>
parents: 3523
diff changeset
57 "module.log",
a7a751e57f32 luacheckrc: Update API method list from prosody
Kim Alvefur <zash@zash.se>
parents: 3523
diff changeset
58 "module.log_status",
5003
e840aadebb61 .luacheckrc: Update for module:may() & co.
Matthew Wild <mwild1@gmail.com>
parents: 4971
diff changeset
59 "module.may",
2597
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
60 "module.measure",
4756
098e3b3aac9c luacheck: Make module:metric() known
Kim Alvefur <zash@zash.se>
parents: 4755
diff changeset
61 "module.metric",
2597
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
62 "module.open_store",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
63 "module.provides",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
64 "module.remove_item",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
65 "module.require",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
66 "module.send",
3422
ba3c79ef2253 lint: Teach luacheck about the new module:send_iq API
Kim Alvefur <zash@zash.se>
parents: 2906
diff changeset
67 "module.send_iq",
2597
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
68 "module.set_global",
3524
a7a751e57f32 luacheckrc: Update API method list from prosody
Kim Alvefur <zash@zash.se>
parents: 3523
diff changeset
69 "module.set_status",
2597
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
70 "module.shared",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
71 "module.unhook",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
72 "module.unhook_object_event",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
73 "module.wrap_event",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
74 "module.wrap_global",
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
75 "module.wrap_object_event",
2612
1cf418299d86 luacheckrc: Add the module:http_url API provided by mod_http to known globals
Kim Alvefur <zash@zash.se>
parents: 2604
diff changeset
76
1cf418299d86 luacheckrc: Add the module:http_url API provided by mod_http to known globals
Kim Alvefur <zash@zash.se>
parents: 2604
diff changeset
77 -- mod_http API
1cf418299d86 luacheckrc: Add the module:http_url API provided by mod_http to known globals
Kim Alvefur <zash@zash.se>
parents: 2604
diff changeset
78 "module.http_url",
2597
805fa6ca062b luacheckrc: List all module API methods (reqires luacheck 1.19)
Kim Alvefur <zash@zash.se>
parents: 1998
diff changeset
79 }
2604
08f2d2a61af8 luacheckrc: Whitelist methods that can be set on the module API instance
Kim Alvefur <zash@zash.se>
parents: 2603
diff changeset
80 globals = {
08f2d2a61af8 luacheckrc: Whitelist methods that can be set on the module API instance
Kim Alvefur <zash@zash.se>
parents: 2603
diff changeset
81 -- Methods that can be set on module API
08f2d2a61af8 luacheckrc: Whitelist methods that can be set on the module API instance
Kim Alvefur <zash@zash.se>
parents: 2603
diff changeset
82 "module.unload",
08f2d2a61af8 luacheckrc: Whitelist methods that can be set on the module API instance
Kim Alvefur <zash@zash.se>
parents: 2603
diff changeset
83 "module.add_host",
08f2d2a61af8 luacheckrc: Whitelist methods that can be set on the module API instance
Kim Alvefur <zash@zash.se>
parents: 2603
diff changeset
84 "module.load",
08f2d2a61af8 luacheckrc: Whitelist methods that can be set on the module API instance
Kim Alvefur <zash@zash.se>
parents: 2603
diff changeset
85 "module.add_host",
08f2d2a61af8 luacheckrc: Whitelist methods that can be set on the module API instance
Kim Alvefur <zash@zash.se>
parents: 2603
diff changeset
86 "module.save",
08f2d2a61af8 luacheckrc: Whitelist methods that can be set on the module API instance
Kim Alvefur <zash@zash.se>
parents: 2603
diff changeset
87 "module.restore",
08f2d2a61af8 luacheckrc: Whitelist methods that can be set on the module API instance
Kim Alvefur <zash@zash.se>
parents: 2603
diff changeset
88 "module.command",
2905
b63f236a378f luacheckrc: Assign module.environment to section for writable globals
Kim Alvefur <zash@zash.se>
parents: 2904
diff changeset
89 "module.environment",
2604
08f2d2a61af8 luacheckrc: Whitelist methods that can be set on the module API instance
Kim Alvefur <zash@zash.se>
parents: 2603
diff changeset
90 }