Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5278:d94dba396f9f
mod_http_oauth2: Declare additional client registration fields as strings
Previously any property not listed in the schema was allowed in any
form, which is probably a bit too liberal. Instead, limit extra fields
to simple strings, which should still allow localized versions of the
various URIs and descriptive properties per RFC 7591 ยง2.2
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 26 Mar 2023 14:44:30 +0200 |
| parents | a1055024b94e |
| children | 2b858cccac8f |
comparison
equal
deleted
inserted
replaced
| 5277:a1055024b94e | 5278:d94dba396f9f |
|---|---|
| 618 jwks_uri = { type = "string"; format = "uri" }; | 618 jwks_uri = { type = "string"; format = "uri" }; |
| 619 jwks = { type = "object"; description = "JSON Web Key Set, RFC 7517" }; | 619 jwks = { type = "object"; description = "JSON Web Key Set, RFC 7517" }; |
| 620 software_id = { type = "string"; format = "uuid" }; | 620 software_id = { type = "string"; format = "uuid" }; |
| 621 software_version = { type = "string" }; | 621 software_version = { type = "string" }; |
| 622 }; | 622 }; |
| 623 -- Localized versions of descriptive properties and URIs | |
| 624 additionalProperties = { type = "string" }; | |
| 623 } | 625 } |
| 624 | 626 |
| 625 function create_client(client_metadata) | 627 function create_client(client_metadata) |
| 626 if not schema.validate(registration_schema, client_metadata) then | 628 if not schema.validate(registration_schema, client_metadata) then |
| 627 return nil, oauth_error("invalid_request", "Failed schema validation."); | 629 return nil, oauth_error("invalid_request", "Failed schema validation."); |