Software / code / prosody-modules
Changeset
5263:381c62ef52aa
mod_http_oauth2: Group metadata section into OAuth and OpenID
Could easily be confusing otherwise if you're reading one spec and see
properties not defined there.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 21 Mar 2023 21:45:02 +0100 |
| parents | 5262:e73f364b5624 |
| children | 5264:d3ebaef1ea7a |
| files | mod_http_oauth2/mod_http_oauth2.lua |
| diffstat | 1 files changed, 4 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 21 21:36:54 2023 +0100 +++ b/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 21 21:45:02 2023 +0100 @@ -792,16 +792,19 @@ ["GET"] = { headers = { content_type = "application/json" }; body = json.encode { + -- RFC 8414: OAuth 2.0 Authorization Server Metadata issuer = get_issuer(); authorization_endpoint = handle_authorization_request and module:http_url() .. "/authorize" or nil; token_endpoint = handle_token_grant and module:http_url() .. "/token" or nil; jwks_uri = nil; -- TODO? - userinfo_endpoint = handle_register_request and module:http_url() .. "/userinfo" or nil; registration_endpoint = handle_register_request and module:http_url() .. "/register" or nil; scopes_supported = usermanager.get_all_roles and array(it.keys(usermanager.get_all_roles(module.host))):push("openid") or { "prosody:restricted"; "prosody:user"; "prosody:admin"; "prosody:operator"; "openid" }; response_types_supported = array(it.keys(response_type_handlers)); authorization_response_iss_parameter_supported = true; + + -- OpenID + userinfo_endpoint = handle_register_request and module:http_url() .. "/userinfo" or nil; }; }; };
