author | Guus der Kinderen <guus.der.kinderen@gmail.com> |
Thu, 14 Mar 2024 09:55:46 +0100 | |
changeset 5873 | faf1f1c833e8 |
parent 5264 | a9c1cc91d3d6 |
permissions | -rw-r--r-- |
-- Prosody utility libraries: ad-hoc command helpers and data forms.
local adhoc = require("util.adhoc");
local dataforms = require("util.dataforms");

-- Declares the dependency on mod_http_oauth2 and keeps the handle that
-- module:depends returns; client registration is delegated to it.
local mod_http_oauth2 = module:depends("http_oauth2");
-- Input form presented to the user running the "Create OAuth2 client" command.
-- Entry [1] is the hidden FORM_TYPE field; its value doubles as the ad-hoc
-- command node when the command is registered.
-- NOTE(review): both URI fields are only declared as xs:anyURI here. The
-- "MUST be https" rule exists as description text only; no scheme check is
-- visible in this file, so it presumably has to be enforced by
-- mod_http_oauth2.create_client -- confirm.
local new_client = dataforms.new({
	title = "Create OAuth2 client",
	{
		var = "FORM_TYPE",
		type = "hidden",
		value = "urn:uuid:ff0d55ed-2187-4ee0-820a-ab633a911c14#create",
	},
	{
		name = "client_name",
		type = "text-single",
		label = "Client name",
		required = true,
	},
	{
		name = "client_uri",
		type = "text-single",
		label = "Informative URL",
		desc = "Link to information about your client. MUST be https URI.",
		datatype = "xs:anyURI",
		required = true,
	},
	{
		-- Destination of the authorization response; user-supplied.
		name = "redirect_uri",
		type = "text-single",
		label = "Redirection URI",
		desc = "Where to redirect the user after authorizing.",
		datatype = "xs:anyURI",
		required = true,
	},
})
-- Result form returned after a successful registration. It carries the
-- client_id and the client_secret back to the requesting user; per the
-- instructions text these values are not shown again.
local client_created = dataforms.new({
	title = "New OAuth2 client created",
	instructions = "Save these details, they will not be shown again",
	{
		var = "FORM_TYPE",
		type = "hidden",
		value = "urn:uuid:ff0d55ed-2187-4ee0-820a-ab633a911c14#created",
	},
	{
		name = "client_id",
		type = "text-single",
		label = "Client ID",
	},
	{
		-- Credential: delivered to the user in this form only.
		name = "client_secret",
		type = "text-single",
		label = "Client secret",
	},
})
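--- Ad-hoc form handler: registers a new OAuth2 client from the submitted form.
-- @param client   table of submitted form values (client_name, client_uri, redirect_uri)
-- @param formerr  table mapping field name to error text when form validation failed, else nil
-- @param data     ad-hoc command context; only data.from is read here
-- @return ad-hoc result table: status "error" with an error, or status
--         "completed" with the result form filled from the new client metadata
local function create_client(client, formerr, data)
	if formerr then
		-- Report every rejected field back to the user, one per line.
		local errmsg = {"Error in form:"};
		for field, err in pairs(formerr) do
			errmsg[#errmsg + 1] = field .. ": " .. err;
		end
		return {status = "error"; error = {message = table.concat(errmsg, "\n")}};
	end

	-- The form collects a single redirect URI; it is passed on as a one-element list.
	client.redirect_uris = { client.redirect_uri };
	client.redirect_uri = nil;

	local client_metadata, err = mod_http_oauth2.create_client(client);
	if err then return { status = "error"; error = err }; end

	-- Audit trail for client registration. The form fields are named
	-- client_name / client_uri, so reading client.name / client.info_uri alone
	-- would log nil for both and leave the record without the client identity.
	-- The old keys are kept as a fallback in case a caller still supplies them.
	-- Only the submitted name and URI are logged; client_metadata is never
	-- passed to the logger because it feeds the form that holds client_secret.
	local client_name = client.client_name or client.name;
	local client_uri = client.client_uri or client.info_uri;
	module:log("info", "OAuth2 client %q %q created by %s", client_name, client_uri, data.from);

	return { status = "completed"; result = { layout = client_created; values = client_metadata } };
end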
-- Tie the input form to its submit handler.
local handler = adhoc.new_simple_form(new_client, create_client);

-- Register the ad-hoc command. The form title is the command name and the
-- FORM_TYPE value (first form entry) is the command node.
-- NOTE(review): the "local_user" permission appears to open client
-- registration to every account on this host -- confirm that is the intended policy.
local adhoc_command = module:require("adhoc").new(new_client.title, new_client[1].value, handler, "local_user");
module:provides("adhoc", adhoc_command);
-- TODO list/manage/revoke clients