Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5445:74fdf4a7cca1
mod_http_oauth2: Fix unintentional persistence
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 11 May 2023 15:10:44 +0200 |
| parents | 0bbeee8ba8b5 |
| children | dd7bddc87f98 |
comparison
equal
deleted
inserted
replaced
| 5444:0c7abc81c243 | 5445:74fdf4a7cca1 |
|---|---|
| 203 -- Create refresh token for the grant if desired | 203 -- Create refresh token for the grant if desired |
| 204 refresh_token = refresh_token_info ~= false and tokens.create_token(token_jid, grant, nil, nil, "oauth2-refresh"); | 204 refresh_token = refresh_token_info ~= false and tokens.create_token(token_jid, grant, nil, nil, "oauth2-refresh"); |
| 205 else | 205 else |
| 206 -- Grant exists, reuse existing refresh token | 206 -- Grant exists, reuse existing refresh token |
| 207 refresh_token = refresh_token_info.token; | 207 refresh_token = refresh_token_info.token; |
| 208 refresh_token_info.token = nil; -- Prevent persistence of *secret* token | |
| 208 | 209 |
| 209 refresh_token_info.grant = nil; -- Prevent reference loop | 210 refresh_token_info.grant = nil; -- Prevent reference loop |
| 210 end | 211 end |
| 211 | 212 |
| 212 local access_token, access_token_info = tokens.create_token(token_jid, grant, role, default_access_ttl, "oauth2"); | 213 local access_token, access_token_info = tokens.create_token(token_jid, grant, role, default_access_ttl, "oauth2"); |