Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5252:85f0c6c1c24f
mod_http_oauth2: Fix attempt to index a boolean value
_This_ function signature strikes again
It returns true, payload, but only passed the boolean on in place of the
client, tripping up client_subset()
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 16 Mar 2023 00:06:43 +0100 |
parents | b8b2bf0c1b4b |
children | b0ccdd12a70d |
comparison
equal
deleted
inserted
replaced
5251:f3123cbbd894 | 5252:85f0c6c1c24f |
---|---|
274 if not params.code then return oauth_error("invalid_request", "missing 'code'"); end | 274 if not params.code then return oauth_error("invalid_request", "missing 'code'"); end |
275 if params.scope and params.scope ~= "" then | 275 if params.scope and params.scope ~= "" then |
276 return oauth_error("invalid_scope", "unknown scope requested"); | 276 return oauth_error("invalid_scope", "unknown scope requested"); |
277 end | 277 end |
278 | 278 |
279 local client = jwt_verify(params.client_id); | 279 local client_ok, client = jwt_verify(params.client_id); |
280 if not client then | 280 if not client_ok then |
281 return oauth_error("invalid_client", "incorrect credentials"); | 281 return oauth_error("invalid_client", "incorrect credentials"); |
282 end | 282 end |
283 | 283 |
284 if not verify_secret(params.client_id, params.client_secret) then | 284 if not verify_secret(params.client_id, params.client_secret) then |
285 module:log("debug", "client_secret mismatch"); | 285 module:log("debug", "client_secret mismatch"); |