Comparison

mod_http_oauth2/mod_http_oauth2.lua @ 5252:85f0c6c1c24f

mod_http_oauth2: Fix attempt to index a boolean value _This_ function signature strikes again It returns true, payload, but only passed the boolean on in place of the client, tripping up client_subset()
author Kim Alvefur <zash@zash.se>
date Thu, 16 Mar 2023 00:06:43 +0100
parent 5248:b8b2bf0c1b4b
child 5254:b0ccdd12a70d
comparison
equal deleted inserted replaced
5251:f3123cbbd894 5252:85f0c6c1c24f
274 if not params.code then return oauth_error("invalid_request", "missing 'code'"); end 274 if not params.code then return oauth_error("invalid_request", "missing 'code'"); end
275 if params.scope and params.scope ~= "" then 275 if params.scope and params.scope ~= "" then
276 return oauth_error("invalid_scope", "unknown scope requested"); 276 return oauth_error("invalid_scope", "unknown scope requested");
277 end 277 end
278 278
279 local client = jwt_verify(params.client_id); 279 local client_ok, client = jwt_verify(params.client_id);
280 if not client then 280 if not client_ok then
281 return oauth_error("invalid_client", "incorrect credentials"); 281 return oauth_error("invalid_client", "incorrect credentials");
282 end 282 end
283 283
284 if not verify_secret(params.client_id, params.client_secret) then 284 if not verify_secret(params.client_id, params.client_secret) then
285 module:log("debug", "client_secret mismatch"); 285 module:log("debug", "client_secret mismatch");