comparison mod_http_oauth2/mod_http_oauth2.lua @ 5240:001908044d0d

mod_http_oauth2: Validate that redirect URIs are absolute
author Kim Alvefur <zash@zash.se>
date Sat, 11 Mar 2023 22:25:22 +0100
parents 8620a635106e
children 65892dd1d4ae
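--- a/mod_http_oauth2/mod_http_oauth2.lua
+++ b/mod_http_oauth2/mod_http_oauth2.lua
@@ -600,11 +600,11 @@
 return oauth_error("invalid_request", "Failed schema validation.");
 end
 
 for _, redirect_uri in ipairs(client_metadata.redirect_uris) do
 local components = url.parse(redirect_uri);
-if not components then
+if not components or not components.scheme then
 return oauth_error("invalid_request", "Invalid redirect URI.");
 end
 end
 
 -- Ensure each signed client_id JWT is unique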
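Review bot: The new condition on line 605 accepts any scheme, so as far as this hunk shows, a redirect URI with a non-web scheme such as `javascript:` or `data:`, or one carrying a fragment, still registers. RFC 6749 section 3.1.2 requires the redirection endpoint to be an absolute URI without a fragment, so the guard could at least become `if not components or not components.scheme or components.fragment then`. This assumes `url.parse` returns a LuaSocket-style table with a `fragment` field, which should be confirmed. If the schema validation above does not already restrict schemes, consider an explicit allow-list here (for example `https`, plus `http` only for loopback hosts), with a comment explaining why, since these URIs later receive authorization codes. The enclosing registration function begins and ends outside the lines shown, so stricter checks may already exist elsewhere.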