prosody-modules
b071d8ee6555
mod_http_oauth2/mod_http_oauth2.lua
Software / code / prosody-modules
Comparison
mod_http_oauth2/mod_http_oauth2.lua @ 5452:b071d8ee6555
mod_http_oauth2: Show only roles the user can use in consent dialog
Confusing if it shows you roles you can't use.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 12 May 2023 11:58:20 +0200 |
| parent | 5451:6705f2a09702 |
| child | 5453:7dc429b7c3f3 |
comparison
equal
deleted
inserted
replaced
| 5451:6705f2a09702 | 5452:b071d8ee6555 |
|---|---|
| 680 -- Render login page | 680 -- Render login page |
| 681 return render_page(templates.login, { state = auth_state, client = client }); | 681 return render_page(templates.login, { state = auth_state, client = client }); |
| 682 elseif auth_state.consent == nil then | 682 elseif auth_state.consent == nil then |
| 683 -- Render consent page | 683 -- Render consent page |
| 684 local scopes, roles = split_scopes(requested_scopes); | 684 local scopes, roles = split_scopes(requested_scopes); |
| 685 roles = user_assumable_roles(auth_state.user.username, roles); | |
| 685 return render_page(templates.consent, { state = auth_state; client = client; scopes = scopes+roles }, true); | 686 return render_page(templates.consent, { state = auth_state; client = client; scopes = scopes+roles }, true); |
| 686 elseif not auth_state.consent then | 687 elseif not auth_state.consent then |
| 687 -- Notify client of rejection | 688 -- Notify client of rejection |
| 688 return error_response(request, oauth_error("access_denied")); | 689 return error_response(request, oauth_error("access_denied")); |
| 689 end | 690 end |
