prosody-modules
761142ee0ff2
mod_http_oauth2/mod_http_oauth2.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Diff

mod_http_oauth2/mod_http_oauth2.lua @ 5882:761142ee0ff2

mod_http_oauth2: Reflect changes to defaults etc - Resource owner password grant was disabled by default - Tokens now include a hash of client_id making it possible to be reasonable sure that they were issued to a particular client
author Kim Alvefur <zash@zash.se>
date Tue, 05 Mar 2024 00:32:00 +0100
parent 5853:b109773ce6fe
child 5959:ca3479c67e48
child 6208:e20901443eae
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua	Sun Mar 03 18:06:47 2024 +0000
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Tue Mar 05 00:32:00 2024 +0100
@@ -1128,7 +1128,7 @@
 		headers = { content_type = "application/json" };
 		body = json.encode {
 			active = true;
-			client_id = credentials.username; -- We don't really know for sure
+			client_id = credentials.username; -- Verified via client hash
 			username = jid.node(token_info.jid);
 			scope = token_info.grant.data.oauth2_scopes;
 			token_type = purpose_map[token_info.purpose];