diff mod_http_oauth2/mod_http_oauth2.lua @ 5455:80a81e7f3c4e

mod_http_oauth2: Require non-empty arrays in client registration Makes no sense to claim to support nothing.
author Kim Alvefur <zash@zash.se>
date Tue, 16 May 2023 21:09:38 +0200
parents 6970c73711c2
children 9008aea491bf
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua	Tue May 16 21:04:31 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Tue May 16 21:09:38 2023 +0200
@@ -762,6 +762,7 @@
 		};
 		grant_types = {
 			type = "array";
+			minItems = 1;
 			items = {
 				type = "string";
 				enum = {
@@ -777,12 +778,12 @@
 			default = { "authorization_code" };
 		};
 		application_type = { type = "string"; enum = { "native"; "web" }; default = "web" };
-		response_types = { type = "array"; items = { type = "string"; enum = { "code"; "token" } }; default = { "code" } };
+		response_types = { type = "array"; minItems = 1; items = { type = "string"; enum = { "code"; "token" } }; default = { "code" } };
 		client_name = { type = "string" };
 		client_uri = { type = "string"; format = "uri"; luaPattern = "^https:" };
 		logo_uri = { type = "string"; format = "uri"; luaPattern = "^https:" };
 		scope = { type = "string" };
-		contacts = { type = "array"; items = { type = "string"; format = "email" } };
+		contacts = { type = "array"; minItems = 1; items = { type = "string"; format = "email" } };
 		tos_uri = { type = "string"; format = "uri"; luaPattern = "^https:" };
 		policy_uri = { type = "string"; format = "uri"; luaPattern = "^https:" };
 		jwks_uri = { type = "string"; format = "uri"; luaPattern = "^https:" };