mod_http_oauth2/mod_http_oauth2.lua @ 5239:8620a635106e
mod_http_oauth2: Validate basic URI syntax of redirect URIs
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 11 Mar 2023 22:30:58 +0100 |
parent | 5237:3354f943c1fa |
child | 5240:001908044d0d |
--- a/mod_http_oauth2/mod_http_oauth2.lua Sat Mar 11 20:20:37 2023 +0000
+++ b/mod_http_oauth2/mod_http_oauth2.lua Sat Mar 11 22:30:58 2023 +0100
@@ -600,6 +600,13 @@
 return oauth_error("invalid_request", "Failed schema validation.");
 end
+ for _, redirect_uri in ipairs(client_metadata.redirect_uris) do
+ local components = url.parse(redirect_uri);
+ if not components then
+ return oauth_error("invalid_request", "Invalid redirect URI.");
+ end
+ end
+
 -- Ensure each signed client_id JWT is unique
 client_metadata.nonce = uuid.generate();
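Review bot: The `if not components then` guard in the new loop only rejects strings the parser refuses outright; if `url` here is LuaSocket's `socket.url` (the binding is outside the hunk), `parse` returns a table for almost any non-empty string, so a relative reference or a value with no scheme would still be accepted as a redirect URI. RFC 6749 section 3.1.2 requires an absolute URI without a fragment, so the check should also look at the parsed fields, for example `if not components or not components.scheme or components.fragment then`. Restricting the accepted schemes, and requiring `components.host` for `http`/`https`, would be a sensible follow-up because the authorization response carrying the code is delivered to this URI. The enclosing function begins and ends outside the hunk.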