mod_http_oauth2/mod_http_oauth2.lua
changeset 5271 60e0bc35de33
parent 5270 5943605201ca
child 5272 bac39c6e7203
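--- a/mod_http_oauth2/mod_http_oauth2.lua
+++ b/mod_http_oauth2/mod_http_oauth2.lua
@@ -546,14 +546,10 @@
 	return response_handler(client, params, user_jid, id_token);
 end
 
 local function handle_revocation_request(event)
 	local request, response = event.request, event.response;
-		if request.headers.content_type ~= "application/x-www-form-urlencoded"
-	or not request.body or request.body == "" then
-		return 400;
-	end
 	if request.headers.authorization then
 		local credentials = get_request_credentials(request);
 		if not credentials or credentials.type ~= "basic" then
 			response.headers.www_authenticate = string.format("Basic realm=%q", module.host.."/"..module.name);
 			return 401;
@@ -562,13 +558,14 @@
 		if not verify_client_secret(credentials.username, credentials.password) then
 			return 401;
 		end
 	end
 
-	local form_data = http.formdecode(event.request.body);
+	local form_data = http.formdecode(event.request.body or "");
 	if not form_data or not form_data.token then
-		return 400;
+		response.headers.accept = "application/x-www-form-urlencoded";
+		return 415;
 	end
 	local ok, err = tokens.revoke_token(form_data.token);
 	if not ok then
 		module:log("warn", "Unable to revoke token: %s", tostring(err));
 		return 500;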
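Review bot: The new `if not form_data or not form_data.token then` branch answers 415 with an `Accept` header even when the body decoded fine and only the `token` field is absent, so the client is told its media type is wrong when the actual problem is a missing parameter. Splitting the branch keeps the two failures distinguishable for clients and in logs: `if not form_data then` keeps the header and `return 415;`, followed by `elseif not form_data.token then return 400; end`. With the Content-Type comparison removed, rejection now depends entirely on what `http.formdecode` returns for a non-form body, which is not visible here and deserves a short comment above the call. The handler's body continues past the last line shown.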