Mercurial > prosody-modules
comparison mod_http_oauth2/mod_http_oauth2.lua @ 5278:d94dba396f9f
mod_http_oauth2: Declare additional client registration fields as strings
Previously any property not listed in the schema was allowed in any
form, which is probably a bit too liberal. Instead, limit extra fields
to simple strings, which should still allow localized versions of the
various URIs and descriptive properties per RFC 7591 ยง2.2
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 26 Mar 2023 14:44:30 +0200 |
parents | a1055024b94e |
children | 2b858cccac8f |
comparison
equal
deleted
inserted
replaced
5277:a1055024b94e | 5278:d94dba396f9f |
---|---|
618 jwks_uri = { type = "string"; format = "uri" }; | 618 jwks_uri = { type = "string"; format = "uri" }; |
619 jwks = { type = "object"; description = "JSON Web Key Set, RFC 7517" }; | 619 jwks = { type = "object"; description = "JSON Web Key Set, RFC 7517" }; |
620 software_id = { type = "string"; format = "uuid" }; | 620 software_id = { type = "string"; format = "uuid" }; |
621 software_version = { type = "string" }; | 621 software_version = { type = "string" }; |
622 }; | 622 }; |
623 -- Localized versions of descriptive properties and URIs | |
624 additionalProperties = { type = "string" }; | |
623 } | 625 } |
624 | 626 |
625 function create_client(client_metadata) | 627 function create_client(client_metadata) |
626 if not schema.validate(registration_schema, client_metadata) then | 628 if not schema.validate(registration_schema, client_metadata) then |
627 return nil, oauth_error("invalid_request", "Failed schema validation."); | 629 return nil, oauth_error("invalid_request", "Failed schema validation."); |