Kim Alvefur <zash@zash.se> [Thu, 27 Apr 2023 19:16:14 +0200] rev 5382
mod_http_oauth2: Record OAuth software id and version attached to tokens
Unsure if these are used anywhere, but `software_id` is supposedly more
unique than `client_uri` which can vary by registration or something?
Software versions can also be good to know e.g. in case there is a
security issue affecting certain versions that could warrant revocation
of tokens issued to it.
Kim Alvefur <zash@zash.se> [Thu, 27 Apr 2023 19:14:23 +0200] rev 5381
mod_http_oauth2: Fix misplaced 'default' on wrong side of } in client registration schema
Matthew Wild <mwild1@gmail.com> [Thu, 27 Apr 2023 16:58:48 +0100] rev 5380
mod_remote_roster: Set id on generated iq stanzas (thanks @agwa)
Fixes 'iq stanzas require an id attribute' error from util.stanza.
Kim Alvefur <zash@zash.se> [Wed, 26 Apr 2023 23:41:49 +0200] rev 5379
mod_http_oauth2: Fix to include "openid" scope in discovery metadata
The "openid" scope was left out of openid_claims since it is treated
differently from the other scopes.
Kim Alvefur <zash@zash.se> [Wed, 26 Apr 2023 12:42:09 +0200] rev 5378
mod_client_management: Show time for recent timestamps in shell command
Semi-fuzzy time is nice
Kim Alvefur <zash@zash.se> [Wed, 26 Apr 2023 12:12:34 +0200] rev 5377
mod_client_management: Fix changed column cell "key"
Forgot to change in b2d51c6ae89a
Kim Alvefur <zash@zash.se> [Wed, 26 Apr 2023 12:09:17 +0200] rev 5376
mod_client_management: Fix error when called against host without this module
Previously:
prosody> user:clients("user@example.org")
| Result: 1
Kim Alvefur <zash@zash.se> [Wed, 26 Apr 2023 11:55:55 +0200] rev 5375
mod_client_management: Move table cell formatting into column specification
It's only more lines because of lua-format!
Kim Alvefur <zash@zash.se> [Tue, 25 Apr 2023 22:12:02 +0200] rev 5374
mod_client_management: Fix type confusion
client_selector : string, not some sort of table?
Kim Alvefur <zash@zash.se> [Tue, 25 Apr 2023 22:06:08 +0200] rev 5373
mod_client_management: Fix error when last password change is unknown (or never)
Fixes attempt to compare nil with number here, due to
last_password_change being nil
Kim Alvefur <zash@zash.se> [Tue, 25 Apr 2023 19:50:27 +0200] rev 5372
mod_rest/rest.sh: Register as native application
Otherwise the custom nonstandard URI would be rejected per the last
commit to mod_http_oauth2
Kim Alvefur <zash@zash.se> [Tue, 25 Apr 2023 19:49:41 +0200] rev 5371
mod_http_oauth2: Validate redirect URI depending on application type
Per https://openid.net/specs/openid-connect-registration-1_0.html
require that web applications use https:// and native applications must
use either http://localhost or a custom (non-https) URI.
Previous requirement that hostname matches that of client_uri is kept
for web applications.
Kim Alvefur <zash@zash.se> [Tue, 25 Apr 2023 18:09:08 +0200] rev 5370
mod_http_oauth2: Fill in some client metadata defaults
Explicit > Implicit
Maybe we should actually use these for something as well? :)
It's is somewhat an open question of how strictly we should enforce
things in the client metadata given that it is somewhat extensible.
Especially some of these enum fields which have corresponding IANA
registries.
Kim Alvefur <zash@zash.se> [Tue, 25 Apr 2023 17:38:36 +0200] rev 5369
mod_http_oauth2: Allow only l10n variants of name in client metadata
Since "client_name" seems to be the only human readable non-URI property
that makes sense to have localized version of. Therefore it seems
excessive to allow arbitrary additionalProperties.
We don't make use of localized versions of client_name and URIs yet, but
it would be nice to do so.
Kim Alvefur <zash@zash.se> [Tue, 25 Apr 2023 17:16:12 +0200] rev 5368
mod_http_oauth2: Normalize whitespace in client metadata schema
Random extra whitespace?
Matthew Wild <mwild1@gmail.com> [Mon, 24 Apr 2023 17:11:08 +0100] rev 5367
mod_log_ringbuffer: Fix description and examples of level configuration
Matthew Wild <mwild1@gmail.com> [Mon, 24 Apr 2023 17:00:05 +0100] rev 5366
mod_log_ringbuffer: Fix example config
Kim Alvefur <zash@zash.se> [Sun, 23 Apr 2023 14:18:25 +0200] rev 5365
mod_oidc_userinfo_vcard4: Fix phone number claim
Copy-paste mistake probably
Kim Alvefur <zash@zash.se> [Sun, 23 Apr 2023 13:37:58 +0200] rev 5364
mod_oidc_userinfo_vcard4: Unpack <vcard> from PubSub <item>
Forgot about the <item>, so it was previously attempting to extract all
properties from that instead of the inner <vcard>
Kim Alvefur <zash@zash.se> [Sat, 22 Apr 2023 16:29:56 +0200] rev 5363
mod_http_oauth2: Use new Lua pattern schema properties
Kim Alvefur <zash@zash.se> [Sat, 22 Apr 2023 14:22:56 +0200] rev 5362
mod_http_oauth2: Include additional OpenID scopes in metadata
Drops fallback because this module probably doesn't work with Prosody
before the role stuff anyway.
Kim Alvefur <zash@zash.se> [Sat, 22 Apr 2023 14:02:56 +0200] rev 5361
mod_http_oauth2: Validate (unused at this point) localized URIs
Client registration may include keys of the form "some_uri#lang-code"
pointing to alternate language versions of the various URIs. We don't
use this yet but the same validation should apply.
Kim Alvefur <zash@zash.se> [Sat, 22 Apr 2023 14:06:41 +0200] rev 5360
mod_http_oauth2: Declare https as required of URIs in schema
If util.jsonschema happens to gain support for 'pattern' (regular
expression validation) then this would be picked up. Until then,
declarative annotations are nice.
Kim Alvefur <zash@zash.se> [Sat, 22 Apr 2023 12:02:01 +0200] rev 5359
mod_http_oauth2: Enforce https requirement on TOS URI
In create_client() it validates that all fields with format=uri are
https and match the client_uri host.
Kim Alvefur <zash@zash.se> [Sat, 22 Apr 2023 11:59:52 +0200] rev 5358
mod_http_oauth2: Use new mod_cron API for periodic cleanup
Less frequent but this isn't that important after all since, as the
comment states, expired codes are not usable anyway. They're also not
that large so memory usage probably doesn't matter.
Kim Alvefur <zash@zash.se> [Tue, 18 Apr 2023 21:48:31 +0200] rev 5357
mod_audit_status: Fix error on first start
Fixes 'attempt to index a nil value' the first time this module is
loaded, since there's no data yet.
Matthew Wild <mwild1@gmail.com> [Mon, 17 Apr 2023 14:31:50 +0100] rev 5356
mod_muc_rtbl: Use correct occupant object
There is no 'occupant' property for this event.
Kim Alvefur <zash@zash.se> [Mon, 17 Apr 2023 08:26:20 +0200] rev 5355
mod_audit: Move underscore to avoid luacheck warning
Underscore as prefix is taken as a signal that the variable is unused,
but then it is used and luacheck makes noise about that.
Kim Alvefur <zash@zash.se> [Mon, 17 Apr 2023 08:01:09 +0200] rev 5354
mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2
Kim Alvefur <zash@zash.se> [Sat, 15 Apr 2023 10:54:34 +0200] rev 5353
mod_auth_oauth_external: Add configuration example