Mercurial > prosody-modules
view mod_compat_bind/mod_compat_bind.lua @ 5214:d5492bc861f6
mod_http_oauth2: Remove authorization codes after use
RFC 6749 section 4.1.2 says:
> The client MUST NOT use the authorization code more than once.
Thus we clear it from the cache after use.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 06 Mar 2023 16:53:27 +0100 |
parents | 73fbfd1e820b |
children |
line wrap: on
line source
-- Compatibility with clients that set 'to' on resource bind requests -- -- http://xmpp.org/rfcs/rfc3920.html#bind -- http://xmpp.org/rfcs/rfc6120.html#bind-servergen-success local st = require "util.stanza"; module:hook("iq/host/urn:ietf:params:xml:ns:xmpp-bind:bind", function(event) local fixed_stanza = st.clone(event.stanza); fixed_stanza.attr.to = nil; prosody.core_process_stanza(event.origin, fixed_stanza); return true; end);