# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1605996227 -3600
# Node ID 721b528c01e1377b1a9c9f3024f77a8182b51194
# Parent  cc712899becdfa7d96a1cafa12b7bf72e8aefb6a
mod_http_oauth2: Remove unnecessary redirect uri check

diff -r cc712899becd -r 721b528c01e1 mod_http_oauth2/mod_http_oauth2.lua
--- a/mod_http_oauth2/mod_http_oauth2.lua	Sat Nov 21 16:36:44 2020 +0100
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Sat Nov 21 23:03:47 2020 +0100
@@ -91,7 +91,6 @@
 	if not params.client_id then return oauth_error("invalid_request", "missing 'client_id'"); end
 	if not params.client_secret then return oauth_error("invalid_request", "missing 'client_secret'"); end
 	if not params.code then return oauth_error("invalid_request", "missing 'code'"); end
-	--if not params.redirect_uri then return oauth_error("invalid_request", "missing 'redirect_uri'"); end
 	if params.scope and params.scope ~= "" then
 		return oauth_error("invalid_scope", "unknown scope requested");
 	end
@@ -108,9 +107,6 @@
 	end
 	assert(codes:set(params.client_id, params.code, nil));
 
-	if client.redirect_uri and client.redirect_uri ~= params.redirect_uri then
-		return oauth_error("invalid_client", "incorrect 'redirect_uri'");
-	end
 
 	return json.encode(new_access_token(code.granted_jid, nil, nil));
 end