Changeset

12940:2aebd9bf02fc

util.sasl.oauthbearer: Adjust parsing of GS2 to allow lack of authzid Partly copied from util.sasl.scram and then reduced a bit.
author Kim Alvefur <zash@zash.se>
date Thu, 16 Mar 2023 13:45:49 +0100
parents 12939:bb6a98a7b0b4
children 12941:e77c607e8da8
files util/sasl/anonymous.lua util/sasl/oauthbearer.lua
diffstat 2 files changed, 5 insertions(+), 4 deletions(-) [+]
--- a/util/sasl/anonymous.lua	Thu Mar 16 13:20:19 2023 +0100
+++ b/util/sasl/anonymous.lua	Thu Mar 16 13:45:49 2023 +0100
@@ -33,8 +33,8 @@
 	local username;
 	repeat
 		username = generate_random_id():lower();
-	until self.profile.anonymous(self, username, self.realm);
-	self.username = username;
+		self.username = username;
+	until self.profile.anonymous(self, username, self.realm, message);
 	return "success"
 end
 
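Review bot: The `message` now passed as the fourth argument to `self.profile.anonymous` on the `until` line looks like the client's raw initial response, so the callback contract should state that it is untrusted and may be empty or nil. A comment above the call would do, for example `-- message is unvalidated client data (may be nil); profile must not trust it`. Because `self.username = username` now runs before the callback decides, a rejected candidate stays on `self` if the callback raises an error instead of returning; if the move exists so the profile can read `self.username`, say so in a comment. The function's signature and any profile documentation lie outside the hunk, and the commit description does not mention this file, so the reason for the change is inferred.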
--- a/util/sasl/oauthbearer.lua	Thu Mar 16 13:20:19 2023 +0100
+++ b/util/sasl/oauthbearer.lua	Thu Mar 16 13:45:49 2023 +0100
@@ -11,10 +11,11 @@
 		return "failure", "not-authorized";
 	end
 
-	local gs2_authzid, kvpairs = message:match("n,a=([^,]+),(.+)$");
-	if not gs2_authzid then
+	local gs2_header, kvpairs = message:match("^(n,[^,]*,),(.+)$");
+	if not gs2_header then
 		return "failure", "malformed-request";
 	end
+	local gs2_authzid = gs2_header:match("^[^,]*,a=([^,]*),$");
 
 	local auth_header;
 	for k, v in kvpairs:gmatch("([a-zA-Z]+)=([\033-\126 \009\r\n]*)\001") do
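Review bot: The new pattern `^(n,[^,]*,),(.+)$` requires a second literal comma after the one that closes the captured GS2 header. In the RFC 7628 message layout that closing comma is followed directly by the \001 separator, so a well-formed `n,a=user,\001auth=…` or `n,,\001auth=…` would appear to end up in the `malformed-request` branch. Dropping the stray comma keeps the anchoring and still permits an empty authzid: `local gs2_header, kvpairs = message:match("^(n,[^,]*,)(.+)$");`. Separately, `gs2_authzid` can now be nil, and the code that consumes it sits after the hunk, so that path should be checked for nil handling and the assignment given a comment such as `-- gs2_authzid is nil when the client sent no a= field`.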