Software /
code /
prosody-modules
File
mod_muc_restrict_nick/mod_muc_restrict_nick.lua @ 5512:1fbc8718bed6
mod_http_oauth2: Bind refresh tokens to client
Prevent one OAuth client from using the refresh tokens issued to another
client as required by RFC 6819 section 5.2.2.2
See also draft-ietf-oauth-security-topics-22 section 2.2.2
Thanks to OAuch for pointing out this issue
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 02 Jun 2023 10:40:48 +0200 |
parent | 4588:e7b126161e7b |
line wrap: on
line source
local jid = require "util.jid"; local st = require "util.stanza"; local nick_pattern = module:get_option_string("muc_restrict_nick_pattern", "^%w+$"); module:hook("muc-occupant-pre-join", function (event) local nick = jid.resource(event.occupant.nick); if not nick:match(nick_pattern) then local reply = st.error_reply(event.stanza, "modify", "policy-violation", "Unacceptable nickname, please try another"); module:send(reply); return true; end end);