mod_http_oauth2/mod_http_oauth2.lua
changeset 5602 b496ebc12aed
parent 5593 7040d0772758
child 5609 17aa3bac7f3a
5601:5ade45d93908 5602:b496ebc12aed
  1056 	end
  1056 	end
  1057 	return 200;
  1057 	return 200;
  1058 end
  1058 end
  1059 
  1059 
  1060 local registration_schema = {
  1060 local registration_schema = {
       
  1061 	title = "OAuth 2.0 Dynamic Client Registration Protocol";
  1061 	type = "object";
  1062 	type = "object";
  1062 	required = {
  1063 	required = {
  1063 		-- These are shown to users in the template
  1064 		-- These are shown to users in the template
  1064 		"client_name";
  1065 		"client_name";
  1065 		"client_uri";
  1066 		"client_uri";
  1066 		-- We need at least one redirect URI for things to work
  1067 		-- We need at least one redirect URI for things to work
  1067 		"redirect_uris";
  1068 		"redirect_uris";
  1068 	};
  1069 	};
  1069 	properties = {
  1070 	properties = {
  1070 		redirect_uris = { type = "array"; minItems = 1; uniqueItems = true; items = { type = "string"; format = "uri" } };
  1071 		redirect_uris = {
       
  1072 			title = "List of Redirect URIs";
       
  1073 			type = "array";
       
  1074 			minItems = 1;
       
  1075 			uniqueItems = true;
       
  1076 			items = { title = "Redirect URI"; type = "string"; format = "uri" };
       
  1077 		};
  1071 		token_endpoint_auth_method = {
  1078 		token_endpoint_auth_method = {
       
  1079 			title = "Token Endpoint Authentication Method";
  1072 			type = "string";
  1080 			type = "string";
  1073 			enum = { "none"; "client_secret_post"; "client_secret_basic" };
  1081 			enum = { "none"; "client_secret_post"; "client_secret_basic" };
  1074 			default = "client_secret_basic";
  1082 			default = "client_secret_basic";
  1075 		};
  1083 		};
  1076 		grant_types = {
  1084 		grant_types = {
       
  1085 			title = "Grant Types";
  1077 			type = "array";
  1086 			type = "array";
  1078 			minItems = 1;
  1087 			minItems = 1;
  1079 			uniqueItems = true;
  1088 			uniqueItems = true;
  1080 			items = {
  1089 			items = {
  1081 				type = "string";
  1090 				type = "string";
  1090 					device_uri;
  1099 					device_uri;
  1091 				};
  1100 				};
  1092 			};
  1101 			};
  1093 			default = { "authorization_code" };
  1102 			default = { "authorization_code" };
  1094 		};
  1103 		};
  1095 		application_type = { type = "string"; enum = { "native"; "web" }; default = "web" };
  1104 		application_type = {
       
  1105 			title = "Application Type";
       
  1106 			description = "Determines which kinds of redirect URIs the client may register. \z
       
  1107 			The value 'web' limits the client to https:// URLs with the same hostname as in 'client_uri' \z
       
  1108 			while the value 'native' allows either loopback http:// URLs or application specific URIs.";
       
  1109 			type = "string";
       
  1110 			enum = { "native"; "web" };
       
  1111 			default = "web";
       
  1112 		};
  1096 		response_types = {
  1113 		response_types = {
       
  1114 			title = "Response Types";
  1097 			type = "array";
  1115 			type = "array";
  1098 			minItems = 1;
  1116 			minItems = 1;
  1099 			uniqueItems = true;
  1117 			uniqueItems = true;
  1100 			items = { type = "string"; enum = { "code"; "token" } };
  1118 			items = { type = "string"; enum = { "code"; "token" } };
  1101 			default = { "code" };
  1119 			default = { "code" };
  1102 		};
  1120 		};
  1103 		client_name = { type = "string" };
  1121 		client_name = {
  1104 		client_uri = { type = "string"; format = "uri"; pattern = "^https:" };
  1122 			title = "Client Name";
  1105 		logo_uri = { type = "string"; format = "uri"; pattern = "^https:" };
  1123 			description = "Human-readable name of the client, presented to the user in the consent dialog.";
  1106 		scope = { type = "string" };
  1124 			type = "string";
  1107 		contacts = { type = "array"; minItems = 1; items = { type = "string"; format = "email" } };
  1125 		};
  1108 		tos_uri = { type = "string"; format = "uri"; pattern = "^https:" };
  1126 		client_uri = {
  1109 		policy_uri = { type = "string"; format = "uri"; pattern = "^https:" };
  1127 			title = "Client URL";
  1110 		software_id = { type = "string"; format = "uuid" };
  1128 			description = "Should be an link to a page with information about the client.";
  1111 		software_version = { type = "string" };
  1129 			type = "string";
       
  1130 			format = "uri";
       
  1131 			pattern = "^https:";
       
  1132 		};
       
  1133 		logo_uri = {
       
  1134 			title = "Logo URL";
       
  1135 			description = "URL to the clients logotype (not currently used).";
       
  1136 			type = "string";
       
  1137 			format = "uri";
       
  1138 			pattern = "^https:";
       
  1139 		};
       
  1140 		scope = {
       
  1141 			title = "Scopes";
       
  1142 			description = "Space-separated list of scopes the client promises to restrict itself to.";
       
  1143 			type = "string";
       
  1144 		};
       
  1145 		contacts = {
       
  1146 			title = "Contact Addresses";
       
  1147 			description = "Addresses, typically email or URLs where the client developers can be contacted.";
       
  1148 			type = "array";
       
  1149 			minItems = 1;
       
  1150 			items = { type = "string"; format = "email" };
       
  1151 		};
       
  1152 		tos_uri = {
       
  1153 			title = "Terms of Service URL";
       
  1154 			description = "Link to Terms of Service for the client, presented to the user in the consent dialog. \z
       
  1155 			MUST be a https:// URL with hostname matching that of 'client_uri'.";
       
  1156 			type = "string";
       
  1157 			format = "uri";
       
  1158 			pattern = "^https:";
       
  1159 		};
       
  1160 		policy_uri = {
       
  1161 			title = "Privacy Policy URL";
       
  1162 			description = "Link to a Privacy Policy for the client. MUST be a https:// URL with hostname matching that of 'client_uri'.";
       
  1163 			type = "string";
       
  1164 			format = "uri";
       
  1165 			pattern = "^https:";
       
  1166 		};
       
  1167 		software_id = {
       
  1168 			title = "Software ID";
       
  1169 			description = "Unique identifier for the client software, common for all instances. Typically an UUID.";
       
  1170 			type = "string";
       
  1171 			format = "uuid";
       
  1172 		};
       
  1173 		software_version = {
       
  1174 			title = "Software Version";
       
  1175 			description = "Version of the software creating being registered. \z
       
  1176 			E.g. to allow revoking all related tokens in the event of a security incident.";
       
  1177 			type = "string";
       
  1178 			example = "2.3.1";
       
  1179 		};
  1112 	};
  1180 	};
  1113 }
  1181 }
  1114 
  1182 
  1115 -- Limit per-locale fields to allowed locales, partly to keep size of client_id
  1183 -- Limit per-locale fields to allowed locales, partly to keep size of client_id
  1116 -- down, partly because we don't yet use them for anything.
  1184 -- down, partly because we don't yet use them for anything.
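Review bot: The new `description` strings on `tos_uri` and `policy_uri` say the value "MUST be a https:// URL with hostname matching that of 'client_uri'", and the one on `application_type` describes hostname and loopback limits on redirect URIs, but the schema entries shown here only carry `pattern = "^https:"`, so the schema itself enforces none of that. If the hostname comparison happens in validation code outside this hunk, a comment above `properties` such as `-- Hostname and redirect URI restrictions are checked in code after schema validation, not by this schema` would stop readers treating the schema as the complete check; if it happens nowhere, the descriptions promise a control that does not exist. `logo_uri` has the same pattern but its description omits the hostname requirement, so the two should be made consistent either way. Separately, the `contacts` description allows "email or URLs" while `items` still has `format = "email"`, and `example = "2.3.1"` on `software_version` uses the OpenAPI spelling where JSON Schema's annotation keyword is `examples` with an array value.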