Software /
code /
prosody-modules
Diff
mod_adhoc_oauth2_client/mod_adhoc_oauth2_client.lua @ 5260:a9c1cc91d3d6
mod_adhoc_oauth2_client: Update to call into mod_http_oauth2
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 19 Mar 2023 22:21:41 +0100 |
parent | 4268:871d140d61bb |
line wrap: on
line diff
--- a/mod_adhoc_oauth2_client/mod_adhoc_oauth2_client.lua Sun Mar 19 22:13:27 2023 +0100 +++ b/mod_adhoc_oauth2_client/mod_adhoc_oauth2_client.lua Sun Mar 19 22:21:41 2023 +0100 @@ -1,22 +1,20 @@ local adhoc = require "util.adhoc"; local dataforms = require "util.dataforms"; -local errors = require "util.error"; -local hashes = require "util.hashes"; -local id = require "util.id"; -local jid = require "util.jid"; -local base64 = require"util.encodings".base64; -local clients = module:open_store("oauth2_clients", "map"); - -local iteration_count = module:get_option_number("oauth2_client_iteration_count", 10000); -local pepper = module:get_option_string("oauth2_client_pepper", ""); +local mod_http_oauth2 = module:depends"http_oauth2"; local new_client = dataforms.new({ title = "Create OAuth2 client"; - {var = "FORM_TYPE"; type = "hidden"; value = "urn:uuid:ff0d55ed-2187-4ee0-820a-ab633a911c14#create"}; - {name = "name"; type = "text-single"; label = "Client name"; required = true}; - {name = "description"; type = "text-multi"; label = "Description"}; - {name = "info_url"; type = "text-single"; label = "Informative URL"; desc = "Link to information about your client"; datatype = "xs:anyURI"}; + { var = "FORM_TYPE"; type = "hidden"; value = "urn:uuid:ff0d55ed-2187-4ee0-820a-ab633a911c14#create" }; + { name = "client_name"; type = "text-single"; label = "Client name"; required = true }; + { + name = "client_uri"; + type = "text-single"; + label = "Informative URL"; + desc = "Link to information about your client. MUST be https URI."; + datatype = "xs:anyURI"; + required = true; + }; { name = "redirect_uri"; type = "text-single"; @@ -30,9 +28,9 @@ local client_created = dataforms.new({ title = "New OAuth2 client created"; instructions = "Save these details, they will not be shown again"; - {var = "FORM_TYPE"; type = "hidden"; value = "urn:uuid:ff0d55ed-2187-4ee0-820a-ab633a911c14#created"}; - {name = "client_id"; type = "text-single"; label = "Client ID"}; - {name = "client_secret"; type = "text-single"; label = "Client secret"}; + { var = "FORM_TYPE"; type = "hidden"; value = "urn:uuid:ff0d55ed-2187-4ee0-820a-ab633a911c14#created" }; + { name = "client_id"; type = "text-single"; label = "Client ID" }; + { name = "client_secret"; type = "text-single"; label = "Client secret" }; }) local function create_client(client, formerr, data) @@ -41,23 +39,15 @@ for field, err in pairs(formerr) do table.insert(errmsg, field .. ": " .. err); end return {status = "error"; error = {message = table.concat(errmsg, "\n")}}; end - - local creator = jid.split(data.from); - local client_uid = id.short(); - local client_id = jid.join(creator, module.host, client_uid); - local client_secret = id.long(); - local salt = id.medium(); - local i = iteration_count; + client.redirect_uris = { client.redirect_uri }; + client.redirect_uri = nil; - client.secret_hash = base64.encode(hashes.pbkdf2_hmac_sha256(client_secret, salt .. pepper, i)); - client.iteration_count = i; - client.salt = salt; + local client_metadata, err = mod_http_oauth2.create_client(client); + if err then return { status = "error"; error = err }; end - local ok, err = errors.coerce(clients:set(creator, client_uid, client)); - module:log("info", "OAuth2 client %q created by %s", client_id, data.from); - if not ok then return {status = "canceled"; error = {message = err}}; end + module:log("info", "OAuth2 client %q %q created by %s", client.name, client.info_uri, data.from); - return {status = "completed"; result = {layout = client_created; values = {client_id = client_id; client_secret = client_secret}}}; + return { status = "completed"; result = { layout = client_created; values = client_metadata } }; end local handler = adhoc.new_simple_form(new_client, create_client);