# HG changeset patch # User Matthew Wild # Date 1678203187 0 # Node ID 3439eb37f23b95ea6b9acd3f4878ac03e4b730c8 # Parent cd5cf4cc6304176691b896f2cd05e06b56ccbc26 mod_http_oauth2: token endpoint: handle missing credentials diff -r cd5cf4cc6304 -r 3439eb37f23b mod_http_oauth2/mod_http_oauth2.lua --- a/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 07 15:31:19 2023 +0000 +++ b/mod_http_oauth2/mod_http_oauth2.lua Tue Mar 07 15:33:07 2023 +0000 @@ -466,7 +466,7 @@ return error_response(event.request, oauth_error("invalid_request")); end - if credentials.type == "basic" then + if credentials and credentials.type == "basic" then params.client_id = http.urldecode(credentials.username); params.client_secret = http.urldecode(credentials.password); end