--- a/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 21 15:26:03 2023 +0000
+++ b/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 21 21:36:54 2023 +0100
@@ -284,12 +284,12 @@
}
end
-local function make_secret(client_id) --> client_secret
+local function make_client_secret(client_id) --> client_secret
return hashes.hmac_sha256(verification_key, client_id, true);
end
-local function verify_secret(client_id, client_secret)
- return hashes.equals(make_secret(client_id), client_secret);
+local function verify_client_secret(client_id, client_secret)
+ return hashes.equals(make_client_secret(client_id), client_secret);
end
function grant_type_handlers.authorization_code(params)
@@ -305,7 +305,7 @@
return oauth_error("invalid_client", "incorrect credentials");
end
- if not verify_secret(params.client_id, params.client_secret) then
+ if not verify_client_secret(params.client_id, params.client_secret) then
module:log("debug", "client_secret mismatch");
return oauth_error("invalid_client", "incorrect credentials");
end
@@ -552,7 +552,7 @@
end
local user_jid = jid.join(auth_state.user.username, module.host);
- local client_secret = make_secret(params.client_id);
+ local client_secret = make_client_secret(params.client_id);
local id_token_signer = jwt.new_signer("HS256", client_secret);
local id_token = id_token_signer({
iss = get_issuer();
@@ -675,7 +675,7 @@
-- Do we want to keep everything?
local client_id = jwt_sign(client_metadata);
- local client_secret = make_secret(client_id);
+ local client_secret = make_client_secret(client_id);
client_metadata.client_id = client_id;
client_metadata.client_secret = client_secret;