File

mod_http_oauth2: Reflect ALL attributes of the client registration Per RFC 7591: " Additionally, the authorization server MUST return all registered metadata about this client, including any fields provisioned by the authorization server itself. " The idea is that the server may replace/drop fields in the registration, so what gets reflected back to the client is the source of truth about the registration.

+
−---
+
−labels:
+
−summary: Workaround for servers doing EXTERNAL without proper stream headers
+
−...
+
−
+
−Introduction
+
−============
+
−
+
−This module is a workaround for servers that try to do s2s
+
−authentication with certificates and SASL EXTERNAL, but do not send
+
−correct stream headers. Notably Openfire versions since 3.7 or 3.8.