prosody
ed20555f163a
util/sasl/oauthbearer.lua
Software / code / prosody
Comparison
util/sasl/oauthbearer.lua @ 12918:ed20555f163a
util.sasl.oauthbearer: Fix traceback on authz in unexpected format
E.g. if you were to just pass "username" without @hostname, the split
will return nil, "username" and the nil gets passed to saslprep() and it
does not like that.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 02 Mar 2023 14:37:46 +0100 |
| parent | 12911:ab1164eda011 |
| child | 12936:b796e08e6376 |
comparison
equal
deleted
inserted
replaced
| 12917:e4de42495fb7 | 12918:ed20555f163a |
|---|---|
| 31 if not auth_header then | 31 if not auth_header then |
| 32 return "failure", "malformed-request"; | 32 return "failure", "malformed-request"; |
| 33 end | 33 end |
| 34 | 34 |
| 35 local username = jid.prepped_split(gs2_authzid); | 35 local username = jid.prepped_split(gs2_authzid); |
| 36 | |
| 37 if not username or username == "" then | |
| 38 return "failure", "malformed-request", "Expected authorization identity in the username@hostname format"; | |
| 39 end | |
| 36 | 40 |
| 37 -- SASLprep username | 41 -- SASLprep username |
| 38 username = saslprep(username); | 42 username = saslprep(username); |
| 39 | 43 |
| 40 if not username or username == "" then | 44 if not username or username == "" then |
