prosody-modules
4ee8eb1134a8
mod_http_oauth2/mod_http_oauth2.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Comparison

mod_http_oauth2/mod_http_oauth2.lua @ 5189:4ee8eb1134a8

mod_http_oauth2: Add OIDC discovery endpoint (thanks Zash)
author Matthew Wild <mwild1@gmail.com>
date Fri, 03 Mar 2023 11:24:05 +0000
parent 5188:7c531137a553
child 5190:1733f184e2bb
comparison
equal deleted inserted replaced
5188:7c531137a553 5189:4ee8eb1134a8
367 end 367 end
368 event.response.headers.content_type = "application/json"; 368 event.response.headers.content_type = "application/json";
369 event.response.status_code = event.error.code or 400; 369 event.response.status_code = event.error.code or 400;
370 return json.encode(oauth2_response); 370 return json.encode(oauth2_response);
371 end, 5); 371 end, 5);
372
373 -- OIDC Discovery
374
375 module:provides("http", {
376 name = "oauth2-discovery";
377 default_path = "/.well-known/oauth-authorization-server";
378 route = {
379 ["GET"] = {
380 headers = { content_type = "application/json" };
381 body = json.encode {
382 issuer = module:http_url(nil, "/");
383 authorization_endpoint = module:http_url() .. "/authorize";
384 token_endpoint = module:http_url() .. "/token";
385 jwks_uri = nil; -- TODO?
386 registration_endpoint = nil; -- TODO
387 scopes_supported = { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator" };
388 response_types_supported = { "code"; "token" };
389 };
390 };
391 };
392 });
393
394 module:shared("tokenauth/oauthbearer_config").oidc_discovery_url = module:http_url("oauth2-discovery", "/.well-known/oauth-authorization-server");