Kim Alvefur <zash@zash.se> [Sun, 05 Mar 2023 12:38:20 +0100] rev 5210
mod_http_oauth2: Clarify comment referencing mod_http_errors (thanks MattJ)
Must have typed text/plain twice by accident here.
Kim Alvefur <zash@zash.se> [Sat, 04 Mar 2023 23:36:13 +0100] rev 5209
mod_http_oauth2: Specify host for which to retrieve list of roles
Fixes core/usermanager.lua:299: attempt to index a nil value (field '?')
Kim Alvefur <zash@zash.se> [Sat, 04 Mar 2023 21:36:00 +0100] rev 5208
mod_http_oauth2: Return list of active roles in discovery
Relies on Prosody trunk rev cdb996637b08
Better than a hardcoded list
Kim Alvefur <zash@zash.se> [Sat, 04 Mar 2023 21:24:35 +0100] rev 5207
mod_http_oauth2: Return actually enabled response types in discovery
Kim Alvefur <zash@zash.se> [Sat, 04 Mar 2023 17:06:47 +0100] rev 5206
mod_http_oauth2: Calculate client secret expiry in registration response
Not actually the client_secret that expires, but the client_id JWT.
Returning '0' indicating no expiry was incorrect unless JWT expiry is
turned off, which we check for now.
Matthew Wild <mwild1@gmail.com> [Sat, 04 Mar 2023 13:23:26 +0000] rev 5205
mod_http_oauth2: Strip trailing '/' from issuer URL
Kim Alvefur <zash@zash.se> [Fri, 03 Mar 2023 22:54:46 +0100] rev 5204
mod_http_oauth2: Advertise endpoints that are enabled
If you don't set the registration secret, some of these are not actually
available, so don't advertise them.
Kim Alvefur <zash@zash.se> [Fri, 03 Mar 2023 22:48:59 +0100] rev 5203
mod_http_oauth2: Separate client_secret verification key from JWT key
Allows configuring a real JWT key directly in the config, but
the client_secret will be different per host.
Kim Alvefur <zash@zash.se> [Fri, 03 Mar 2023 22:48:38 +0100] rev 5202
mod_http_oauth2: Fix response type config
Wrong variable names
Kim Alvefur <zash@zash.se> [Fri, 03 Mar 2023 22:48:14 +0100] rev 5201
mod_http_oauth2/README: Document config options