diff mod_auth_oauth_external/mod_auth_oauth_external.lua @ 6528:6241b2f5e92f

mod_auth_oauth_external: Minor code cleanup Attempt to reduce differences between SASL PLAIN and OAUTHBERARER code paths, which overlap in the validation endpoint interaction and response handling.
author Kim Alvefur <zash@zash.se>
date Sat, 02 May 2026 17:11:49 +0200
parents 1216f6befbe7
children
line wrap: on
line diff
--- a/mod_auth_oauth_external/mod_auth_oauth_external.lua	Sat May 02 16:26:31 2026 +0200
+++ b/mod_auth_oauth_external/mod_auth_oauth_external.lua	Sat May 02 17:11:49 2026 +0200
@@ -37,7 +37,6 @@
 
 local accounts = module:open_store("accounts");
 
-local host = module.host;
 local provider = {};
 
 -- TODO remove, not needed after https://hg.prosody.im/trunk/rev/01f95f3de6fc
@@ -123,13 +122,11 @@
 				return false, nil;
 			end
 			local response = json.decode(ret.body);
-			if type(response) ~= "table" then
-				return false, nil, nil;
-			elseif type(response[username_field]) ~= "string" then
+			if type(response) ~= "table" or type(response[username_field]) ~= "string" then
 				return false, nil, nil;
 			end
+			self.token_info = response;
 			self.username = jid.escape(response[username_field]);
-			self.token_info = response;
 			accounts:set(self.username, { exists = true });
 			return true, true;
 		end
@@ -146,18 +143,20 @@
 			if err then
 				return false, nil, extra;
 			end
-			local response = ret and json.decode(ret.body);
+			-- response decoded earlier since it can include an error struct that should be returned to client
+			local response = json.decode(ret.body);
 			if not (ret.code >= 200 and ret.code < 300) then
 				return false, nil, response or extra;
 			end
 			if type(response) ~= "table" or type(response[username_field]) ~= "string" then
 				return false, nil, nil;
 			end
+			self.token_info = response;
 
 			return jid.escape(response[username_field]), true, response;
 		end
 	end
-	return sasl.new(host, profile);
+	return sasl.new(module.host, profile);
 end
 
 module:provides("auth", provider);