Mercurial > prosody-modules
diff mod_http_oauth2/mod_http_oauth2.lua @ 5450:d2594bbf7c36
mod_http_oauth2: Scope FIXMEs
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 11 May 2023 21:43:23 +0200 |
parents | 9c19a6b8e542 |
children | 6705f2a09702 |
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua Thu May 11 21:41:37 2023 +0200 +++ b/mod_http_oauth2/mod_http_oauth2.lua Thu May 11 21:43:23 2023 +0200 @@ -368,6 +368,7 @@ if not params.client_secret then return oauth_error("invalid_request", "missing 'client_secret'"); end if not params.code then return oauth_error("invalid_request", "missing 'code'"); end if params.scope and params.scope ~= "" then + -- FIXME allow a subset of granted scopes return oauth_error("invalid_scope", "unknown scope requested"); end @@ -544,6 +545,7 @@ local request_password = assert(params.password, oauth_error("invalid_request", "missing 'password'")); local request_username, request_host, request_resource = jid.prepped_split(request_jid); if params.scope then + -- TODO shouldn't we support scopes / roles here? return oauth_error("invalid_scope", "unknown scope requested"); end if not request_host or request_host ~= module.host then