Diff

mod_http_oauth2/mod_http_oauth2.lua @ 5466:398d936e77fb

mod_http_oauth2: Add support for the OpenID 'login_hint' parameter This allows the client to suggest to the authorization screen which user is trying to login, so they don't have to fill that in twice if they already did so at the client.
author Kim Alvefur <zash@zash.se>
date Wed, 17 May 2023 18:49:22 +0200
parent 5465:66e13e79928b
child 5467:1c78a97a1091
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua	Wed May 17 17:56:56 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Wed May 17 18:49:22 2023 +0200
@@ -707,7 +707,12 @@
 	local auth_state = get_auth_state(request);
 	if not auth_state.user then
 		-- Render login page
-		return render_page(templates.login, { state = auth_state, client = client });
+		local extra = {};
+		if params.login_hint then
+			extra.username_hint = (jid.prepped_split(params.login_hint));
+			extra.no_username_hint = not extra.username_hint;
+		end
+		return render_page(templates.login, { state = auth_state; client = client; extra = extra });
 	elseif auth_state.consent == nil then
 		-- Render consent page
 		local scopes, roles = split_scopes(requested_scopes);