Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5252:85f0c6c1c24f
mod_http_oauth2: Fix attempt to index a boolean value
_This_ function signature strikes again
It returns true, payload, but only passed the boolean on in place of the
client, tripping up client_subset()
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 16 Mar 2023 00:06:43 +0100 |
| parents | b8b2bf0c1b4b |
| children | b0ccdd12a70d |
comparison
equal
deleted
inserted
replaced
| 5251:f3123cbbd894 | 5252:85f0c6c1c24f |
|---|---|
| 274 if not params.code then return oauth_error("invalid_request", "missing 'code'"); end | 274 if not params.code then return oauth_error("invalid_request", "missing 'code'"); end |
| 275 if params.scope and params.scope ~= "" then | 275 if params.scope and params.scope ~= "" then |
| 276 return oauth_error("invalid_scope", "unknown scope requested"); | 276 return oauth_error("invalid_scope", "unknown scope requested"); |
| 277 end | 277 end |
| 278 | 278 |
| 279 local client = jwt_verify(params.client_id); | 279 local client_ok, client = jwt_verify(params.client_id); |
| 280 if not client then | 280 if not client_ok then |
| 281 return oauth_error("invalid_client", "incorrect credentials"); | 281 return oauth_error("invalid_client", "incorrect credentials"); |
| 282 end | 282 end |
| 283 | 283 |
| 284 if not verify_secret(params.client_id, params.client_secret) then | 284 if not verify_secret(params.client_id, params.client_secret) then |
| 285 module:log("debug", "client_secret mismatch"); | 285 module:log("debug", "client_secret mismatch"); |