equal
deleted
inserted
replaced
664 module:fire_event("authentication-success", auth_event); |
664 module:fire_event("authentication-success", auth_event); |
665 return { |
665 return { |
666 user = { |
666 user = { |
667 username = username; |
667 username = username; |
668 host = module.host; |
668 host = module.host; |
669 token = new_user_token({ username = username; host = module.host; auth_time = os.time(); amr = { "pwd" } }); |
669 token = new_user_token({ username = username; host = module.host; amr = { "pwd" } }); |
670 }; |
670 }; |
671 }; |
671 }; |
672 elseif form.user_token and form.consent then |
672 elseif form.user_token and form.consent then |
673 -- Second step: consent |
673 -- Second step: consent |
674 local ok, user = verify_user_token(form.user_token); |
674 local ok, user = verify_user_token(form.user_token); |
966 local id_token_signer = jwt.new_signer("HS256", client_secret); |
966 local id_token_signer = jwt.new_signer("HS256", client_secret); |
967 local id_token = id_token_signer({ |
967 local id_token = id_token_signer({ |
968 iss = get_issuer(); |
968 iss = get_issuer(); |
969 sub = url.build({ scheme = "xmpp"; path = user_jid }); |
969 sub = url.build({ scheme = "xmpp"; path = user_jid }); |
970 aud = params.client_id; |
970 aud = params.client_id; |
971 auth_time = auth_state.user.auth_time; |
971 auth_time = auth_state.user.iat; |
972 nonce = params.nonce; |
972 nonce = params.nonce; |
973 amr = auth_state.user.amr; |
973 amr = auth_state.user.amr; |
974 }); |
974 }); |
975 local response_type = params.response_type; |
975 local response_type = params.response_type; |
976 local response_handler = response_type_handlers[response_type]; |
976 local response_handler = response_type_handlers[response_type]; |