Comparison

mod_http_oauth2/mod_http_oauth2.lua @ 5200:afed7d5bd65c

mod_http_oauth2: Advertise endpoints that are enabled If you don't set the registration secret, some of these are not actually available, so don't advertise them.
author Kim Alvefur <zash@zash.se>
date Fri, 03 Mar 2023 22:54:46 +0100
parent 5199:f48628dc83f1
child 5201:47576c73eedf
comparison
equal deleted inserted replaced
5199:f48628dc83f1 5200:afed7d5bd65c
467 route = { 467 route = {
468 ["GET"] = { 468 ["GET"] = {
469 headers = { content_type = "application/json" }; 469 headers = { content_type = "application/json" };
470 body = json.encode { 470 body = json.encode {
471 issuer = module:http_url(nil, "/"); 471 issuer = module:http_url(nil, "/");
472 authorization_endpoint = module:http_url() .. "/authorize"; 472 authorization_endpoint = handle_authorization_request and module:http_url() .. "/authorize" or nil;
473 token_endpoint = module:http_url() .. "/token"; 473 token_endpoint = handle_token_grant and module:http_url() .. "/token" or nil;
474 jwks_uri = nil; -- TODO? 474 jwks_uri = nil; -- TODO?
475 registration_endpoint = module:http_url() .. "/register"; 475 registration_endpoint = handle_register_request and module:http_url() .. "/register" or nil;
476 scopes_supported = { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator" }; 476 scopes_supported = { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator" };
477 response_types_supported = { "code"; "token" }; 477 response_types_supported = { "code"; "token" }; -- TODO derive from active config
478 authorization_response_iss_parameter_supported = true; 478 authorization_response_iss_parameter_supported = true;
479 }; 479 };
480 }; 480 };
481 }; 481 };
482 }); 482 });