Kim Alvefur <zash@zash.se> [Mon, 08 May 2023 20:01:34 +0200] rev 5438
mod_auth_oauth_external: Work without token validation endpoint
In this mode, only PLAIN is possible and the provided username is
assumed to be the XMPP localpart.
Kim Alvefur <zash@zash.se> [Mon, 08 May 2023 19:57:10 +0200] rev 5437
mod_auth_oauth_external: Fix missing import of util.jid
Kim Alvefur <zash@zash.se> [Sun, 07 May 2023 20:44:44 +0200] rev 5436
mod_rest/rest.sh: Trim trailing whitespace
Kim Alvefur <zash@zash.se> [Sun, 07 May 2023 20:42:33 +0200] rev 5435
mod_rest/rest.sh: Add --logout to revoke token
Kim Alvefur <zash@zash.se> [Sun, 07 May 2023 20:41:35 +0200] rev 5434
mod_rest/rest.sh: Make scopes to request configurable in restrc
Makes it easier to experiment with requesting various scopes and roles
Kim Alvefur <zash@zash.se> [Sun, 07 May 2023 20:25:18 +0200] rev 5433
mod_http_oauth2: Strip unknown scopes from consent page
Since the scope string can be any arbitrary space-separated strings.
Kim Alvefur <zash@zash.se> [Sun, 07 May 2023 20:24:18 +0200] rev 5432
mod_http_oauth2: Simplify code with the power of first class functions
Selected / primary role is the first assumable role
Kim Alvefur <zash@zash.se> [Sun, 07 May 2023 19:11:20 +0200] rev 5431
mod_http_oauth2: More functional functions
Kim Alvefur <zash@zash.se> [Sun, 07 May 2023 19:07:52 +0200] rev 5430
mod_http_oauth2: Add function for filtering roles
Kim Alvefur <zash@zash.se> [Sun, 07 May 2023 19:29:15 +0200] rev 5429
mod_http_oauth2: Support granting zero role-scopes
It seems Very Bad that if you uncheck all roles on the consent page, you
get the default scopes, which seems the opposite of what you probably
intended. Currently, mod_tokenauth will do the same thing, so work is
needed there too to allow issuing tokens without roles.
A token without a role could be used for OIDC login, and not much else.
This seems like a valuable thing to support.