Mercurial > prosody-modules
changeset 5378:6155c46d9eea
mod_http_oauth2: Record OAuth software id and version attached to tokens
Unsure if these are used anywhere, but `software_id` is supposedly more
unique than `client_uri` which can vary by registration or something?
Software versions can also be good to know e.g. in case there is a
security issue affecting certain versions that could warrant revocation
of tokens issued to it.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 27 Apr 2023 19:16:14 +0200 |
parents | ca477408f90b |
children | 36d40f5b81fe |
files | mod_http_oauth2/mod_http_oauth2.lua |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua Thu Apr 27 19:14:23 2023 +0200 +++ b/mod_http_oauth2/mod_http_oauth2.lua Thu Apr 27 19:16:14 2023 +0200 @@ -153,7 +153,7 @@ -- properties that are deemed useful e.g. in case tokens issued to a certain -- client needs to be revoked local function client_subset(client) - return { name = client.client_name; uri = client.client_uri }; + return { name = client.client_name; uri = client.client_uri; id = client.software_id; version = client.software_version }; end local function new_access_token(token_jid, role, scope_string, client, id_token, refresh_token_info)