diff mod_http_oauth2/mod_http_oauth2.lua @ 5858:761142ee0ff2

mod_http_oauth2: Reflect changes to defaults etc - Resource owner password grant was disabled by default - Tokens now include a hash of client_id making it possible to be reasonably sure that they were issued to a particular client
author Kim Alvefur <zash@zash.se>
date Tue, 05 Mar 2024 00:32:00 +0100
parents b109773ce6fe
children ca3479c67e48
--- a/mod_http_oauth2/mod_http_oauth2.lua	Sun Mar 03 18:06:47 2024 +0000
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Tue Mar 05 00:32:00 2024 +0100
@@ -1128,7 +1128,7 @@
 		headers = { content_type = "application/json" };
 		body = json.encode {
 			active = true;
-			client_id = credentials.username; -- We don't really know for sure
+			client_id = credentials.username; -- Verified via client hash
 			username = jid.node(token_info.jid);
 			scope = token_info.grant.data.oauth2_scopes;
 			token_type = purpose_map[token_info.purpose];
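Review bot: The new comment on the `client_id` line says "Verified via client hash", but the comparison it refers to is not visible in this hunk, and the value emitted is still `credentials.username` (what the introspecting caller authenticated as), not something read back from the token. A reader of this response builder cannot tell from here whether a mismatch is rejected before this point or whether tokens issued before the hash existed skip the check. I would have the comment say what is guaranteed and where, e.g. `-- caller's client_id; matches the client hash stored with the token (checked in <function that compares the hash>)`, and note any legacy-token fallback if one exists. The commit description says "reasonably sure", so "Verified" may overstate the guarantee if the stored hash is truncated or optional. The enclosing handler starts and ends outside the hunk.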