mod_http_oauth2: Revert role selector, going to try something else Back out f2c7bb3af600 Allowing only a single role to be encoded into the grant takes away the possibility of having multiple roles in the grant, one of which is selected when issuing an access token. It also takes away the ability to have zero roles granted, which could be useful e.g. when you only need OIDC scopes.

-- COMPAT for Openfire sending stream headers without to or from.

module:set_global();

module:hook("s2s-check-certificate", function(event)
	local session, host = event.session, event.host;
	if not event.host then
		(session.log or module._log)("warn", "Invalid stream header, certificate will not be trusted")
		session.cert_chain_status = "invalid"
		return true
	end
end, 100);