Mercurial > prosody-modules
view mod_audit_auth/mod_audit_auth.lua @ 5559:d7fb8b266663
mod_http_oauth2: Strip unknown client metadata
Per RFC 7591
> The authorization server MUST ignore any client metadata sent by the
> client that it does not understand (for instance, by silently removing
> unknown metadata from the client's registration record during
> processing).
This was previously done but unintentionally removed in 90449babaa48
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 20 Jun 2023 01:11:34 +0200 |
parents | 08dea42a302a |
children | b357ff3d0c8a |
line wrap: on
line source
module:depends("audit"); -- luacheck: read globals module.audit module:hook("authentication-failure", function(event) local session = event.session; module:audit(session.sasl_handler.username, "authentication-failure", { session = session, }); end) module:hook("authentication-success", function(event) local session = event.session; module:audit(session.sasl_handler.username, "authentication-success", { session = session, }); end)