Software /
code /
prosody-modules
Diff
mod_http_oauth2/mod_http_oauth2.lua @ 5262:e73f364b5624
mod_http_oauth2: Rename oauth client credential related functions
To make it more explicit what "secret" these deal with.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 21 Mar 2023 21:36:54 +0100 |
parent | 5259:8fba651b10ef |
child | 5263:381c62ef52aa |
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 21 15:26:03 2023 +0000 +++ b/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 21 21:36:54 2023 +0100 @@ -284,12 +284,12 @@ } end -local function make_secret(client_id) --> client_secret +local function make_client_secret(client_id) --> client_secret return hashes.hmac_sha256(verification_key, client_id, true); end -local function verify_secret(client_id, client_secret) - return hashes.equals(make_secret(client_id), client_secret); +local function verify_client_secret(client_id, client_secret) + return hashes.equals(make_client_secret(client_id), client_secret); end function grant_type_handlers.authorization_code(params) @@ -305,7 +305,7 @@ return oauth_error("invalid_client", "incorrect credentials"); end - if not verify_secret(params.client_id, params.client_secret) then + if not verify_client_secret(params.client_id, params.client_secret) then module:log("debug", "client_secret mismatch"); return oauth_error("invalid_client", "incorrect credentials"); end @@ -552,7 +552,7 @@ end local user_jid = jid.join(auth_state.user.username, module.host); - local client_secret = make_secret(params.client_id); + local client_secret = make_client_secret(params.client_id); local id_token_signer = jwt.new_signer("HS256", client_secret); local id_token = id_token_signer({ iss = get_issuer(); @@ -675,7 +675,7 @@ -- Do we want to keep everything? local client_id = jwt_sign(client_metadata); - local client_secret = make_secret(client_id); + local client_secret = make_client_secret(client_id); client_metadata.client_id = client_id; client_metadata.client_secret = client_secret;