Mercurial > prosody-modules
changeset 4269:143515d0b212
mod_http_oauth2: Factor out authorization code validity decision
I intend to use it for a couple of more things, so having a single
definition helps keep things tidy
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 22 Nov 2020 18:39:55 +0100 |
| parents | 871d140d61bb |
| children | 243f7b0dbf35 |
| files | mod_http_oauth2/mod_http_oauth2.lua |
| diffstat | 1 files changed, 5 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua Sun Nov 22 17:00:26 2020 +0100 +++ b/mod_http_oauth2/mod_http_oauth2.lua Sun Nov 22 18:39:55 2020 +0100 @@ -14,6 +14,10 @@ local clients = module:open_store("oauth2_clients", "map"); local codes = module:open_store("oauth2_codes", "map"); +local function code_expired(code) + return os.difftime(os.time(), code.issued) > 900; +end + local function oauth_error(err_name, err_desc) return errors.new({ type = "modify"; @@ -118,7 +122,7 @@ end local code, err = codes:get(client_owner, client_id .. "#" .. params.code); if err then error(err); end - if not code or type(code) ~= "table" or os.difftime(os.time(), code.issued) > 900 then + if not code or type(code) ~= "table" or code_expired(code) then module:log("debug", "authorization_code invalid or expired: %q", code); return oauth_error("invalid_client", "incorrect credentials"); end