Diff

mod_http_oauth2/mod_http_oauth2.lua @ 5463:dacde53467f3

mod_http_oauth2: Proper OAuth error for invalid redirect URI in implicit flow too
author Kim Alvefur <zash@zash.se>
date Wed, 17 May 2023 16:40:07 +0200
parent 5462:f6d8830a83fe
child 5465:66e13e79928b
--- a/mod_http_oauth2/mod_http_oauth2.lua	Wed May 17 16:34:19 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Wed May 17 16:40:07 2023 +0200
@@ -369,7 +369,7 @@
 	local token_info = new_access_token(granted_jid, granted_role, granted_scopes, client, nil);
 
 	local redirect = url.parse(get_redirect_uri(client, params.redirect_uri));
-	if not redirect then return 400; end
+	if not redirect then return oauth_error("invalid_redirect_uri"); end
 	token_info.state = params.state;
 	redirect.fragment = http.formencode(token_info);
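Review bot: The access token is created by `new_access_token(...)` at the top of this hunk before the redirect URI is checked, so the new `return oauth_error("invalid_redirect_uri")` path still leaves a token that was minted but never delivered. If new_access_token persists the grant (its body is not visible here), that is a valid credential nobody holds until it expires or is revoked. Moving `local redirect = url.parse(get_redirect_uri(client, params.redirect_uri));` and its `if not redirect then return oauth_error("invalid_redirect_uri"); end` guard above the `new_access_token` call would reject the request before anything is issued. A one-line comment such as `-- validate the redirect URI before issuing any token` would document the ordering. The enclosing function starts and ends outside this hunk, so check that nothing between the two statements depends on `token_info`.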