# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1677701508 -3600
# Node ID 2c6acf2d6fd4988d8b8931eaa1fd445e221c8376
# Parent  6361afcda1a3d64e69f4148f33052503a537e70d
mod_http_oauth2: Fix removal of consumed authorization codes

Fixes mod_http_oauth2.lua:34: bad argument #2 to 'difftime' (number expected, got nil)

The extra preceding argument to :set stored the client-id#code as a value
instead of clearing the key, and then later in the periodic cleanup
timer this string would be indexed, producing a nil and a traceback

diff -r 6361afcda1a3 -r 2c6acf2d6fd4 mod_http_oauth2/mod_http_oauth2.lua
--- a/mod_http_oauth2/mod_http_oauth2.lua	Wed Mar 01 13:21:29 2023 +0000
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Wed Mar 01 21:11:48 2023 +0100
@@ -166,7 +166,7 @@
 		module:log("debug", "authorization_code invalid or expired: %q", code);
 		return oauth_error("invalid_client", "incorrect credentials");
 	end
-	assert(codes:set(client_owner, client_id .. "#" .. params.code, nil));
+	assert(codes:set(client_id .. "#" .. params.code, nil));
 
 	return json.encode(new_access_token(code.granted_jid, code.granted_scopes, nil));
 end