Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5230:ac252db71027
mod_http_oauth2: Log flows enabled and disabled
If a developer ever wants to be sure what the state is
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 10 Mar 2023 12:01:52 +0100 |
| parents | c24a622a7b85 |
| children | bef543068077 |
comparison
equal
deleted
inserted
replaced
| 5229:c24a622a7b85 | 5230:ac252db71027 |
|---|---|
| 443 end | 443 end |
| 444 | 444 |
| 445 local allowed_grant_type_handlers = module:get_option_set("allowed_oauth2_grant_types", {"authorization_code", "password"}) | 445 local allowed_grant_type_handlers = module:get_option_set("allowed_oauth2_grant_types", {"authorization_code", "password"}) |
| 446 for handler_type in pairs(grant_type_handlers) do | 446 for handler_type in pairs(grant_type_handlers) do |
| 447 if not allowed_grant_type_handlers:contains(handler_type) then | 447 if not allowed_grant_type_handlers:contains(handler_type) then |
| 448 module:log("debug", "Grant type %q disabled", handler_type); | |
| 448 grant_type_handlers[handler_type] = nil; | 449 grant_type_handlers[handler_type] = nil; |
| 450 else | |
| 451 module:log("debug", "Grant type %q enabled", handler_type); | |
| 449 end | 452 end |
| 450 end | 453 end |
| 451 | 454 |
| 452 -- "token" aka implicit flow is considered insecure | 455 -- "token" aka implicit flow is considered insecure |
| 453 local allowed_response_type_handlers = module:get_option_set("allowed_oauth2_response_types", {"code"}) | 456 local allowed_response_type_handlers = module:get_option_set("allowed_oauth2_response_types", {"code"}) |
| 454 for handler_type in pairs(response_type_handlers) do | 457 for handler_type in pairs(response_type_handlers) do |
| 455 if not allowed_response_type_handlers:contains(handler_type) then | 458 if not allowed_response_type_handlers:contains(handler_type) then |
| 459 module:log("debug", "Response type %q disabled", handler_type); | |
| 456 grant_type_handlers[handler_type] = nil; | 460 grant_type_handlers[handler_type] = nil; |
| 461 else | |
| 462 module:log("debug", "Response type %q enabled", handler_type); | |
| 457 end | 463 end |
| 458 end | 464 end |
| 459 | 465 |
| 460 function handle_token_grant(event) | 466 function handle_token_grant(event) |
| 461 local credentials = get_request_credentials(event.request); | 467 local credentials = get_request_credentials(event.request); |
