Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 4270:243f7b0dbf35
mod_http_oauth2: Reduce authorization code validity time to 2 minutes
RFC 6749 states
> A maximum authorization code lifetime of 10 minutes is RECOMMENDED.
So 15 minutes was way too long. I was thinking 5 minutes at first but
since this should generally be instant, I settled on 2 minutes as a
large guesstimate on how slow it might be on slow links.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 22 Nov 2020 18:46:25 +0100 |
| parents | 143515d0b212 |
| children | 9623b99bb8d2 |
comparison
equal
deleted
inserted
replaced
| 4269:143515d0b212 | 4270:243f7b0dbf35 |
|---|---|
| 13 | 13 |
| 14 local clients = module:open_store("oauth2_clients", "map"); | 14 local clients = module:open_store("oauth2_clients", "map"); |
| 15 local codes = module:open_store("oauth2_codes", "map"); | 15 local codes = module:open_store("oauth2_codes", "map"); |
| 16 | 16 |
| 17 local function code_expired(code) | 17 local function code_expired(code) |
| 18 return os.difftime(os.time(), code.issued) > 900; | 18 return os.difftime(os.time(), code.issued) > 120; |
| 19 end | 19 end |
| 20 | 20 |
| 21 local function oauth_error(err_name, err_desc) | 21 local function oauth_error(err_name, err_desc) |
| 22 return errors.new({ | 22 return errors.new({ |
| 23 type = "modify"; | 23 type = "modify"; |