Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5266:5943605201ca
mod_http_oauth2: Remove now unused code
Was apparently only used in revocation which now uses
get_request_credentials() directly
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 21 Mar 2023 22:23:28 +0100 |
| parents | f845c218e52c |
| children | 60e0bc35de33 |
comparison
equal
deleted
inserted
replaced
| 5265:f845c218e52c | 5266:5943605201ca |
|---|---|
| 399 end | 399 end |
| 400 | 400 |
| 401 return nil; | 401 return nil; |
| 402 end | 402 end |
| 403 | 403 |
| 404 local function check_credentials(request, allow_token) | |
| 405 local credentials = get_request_credentials(request); | |
| 406 if not credentials then return nil; end | |
| 407 | |
| 408 if credentials.username and credentials.password then | |
| 409 local username = encodings.stringprep.nodeprep(credentials.username); | |
| 410 local password = encodings.stringprep.saslprep(credentials.password); | |
| 411 if not (username and password) then return false; end | |
| 412 if not usermanager.test_password(username, module.host, password) then | |
| 413 return false; | |
| 414 end | |
| 415 return username; | |
| 416 elseif allow_token and credentials.bearer_token then | |
| 417 local token_info = tokens.get_token_info(credentials.bearer_token); | |
| 418 if not token_info or not token_info.session or token_info.session.host ~= module.host then | |
| 419 return false; | |
| 420 end | |
| 421 return token_info.session.username; | |
| 422 end | |
| 423 return nil; | |
| 424 end | |
| 425 | |
| 426 if module:get_host_type() == "component" then | 404 if module:get_host_type() == "component" then |
| 427 local component_secret = assert(module:get_option_string("component_secret"), "'component_secret' is a required setting when loaded on a Component"); | 405 local component_secret = assert(module:get_option_string("component_secret"), "'component_secret' is a required setting when loaded on a Component"); |
| 428 | 406 |
| 429 function grant_type_handlers.password(params) | 407 function grant_type_handlers.password(params) |
| 430 local request_jid = assert(params.username, oauth_error("invalid_request", "missing 'username' (JID)")); | 408 local request_jid = assert(params.username, oauth_error("invalid_request", "missing 'username' (JID)")); |
