view mod_s2s_smacks_timeout/mod_s2s_smacks_timeout.lua @ 5626:a44af1b646f5

mod_http_oauth2: Optionally enforce authentication on revocation endpoint But why do OAuth require this? If a token leaks, why couldn't anyone revoke it?
author Kim Alvefur <zash@zash.se>
date Mon, 31 Jul 2023 02:07:58 +0200
parents f0fe95f9e21c
children
line wrap: on
line source

module:depends("smacks");

module:hook("smacks-ack-delayed", function (event)
	if event.origin.type == "s2sin" or event.origin.type == "s2sout" then
		event.origin:close("connection-timeout");
		return true;
	end
end);