Mercurial > prosody-modules

changeset 5456:9008aea491bf

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Reject duplicate list items in client registration Useless waste of space
author Kim Alvefur <zash@zash.se>
date Tue, 16 May 2023 21:10:55 +0200
parents 80a81e7f3c4e
children 9156a4754466
files mod_http_oauth2/mod_http_oauth2.lua
diffstat 1 files changed, 8 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua	Tue May 16 21:09:38 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Tue May 16 21:10:55 2023 +0200
@@ -763,6 +763,7 @@
 		grant_types = {
 			type = "array";
 			minItems = 1;
+			uniqueItems = true;
 			items = {
 				type = "string";
 				enum = {
@@ -778,7 +779,13 @@
 			default = { "authorization_code" };
 		};
 		application_type = { type = "string"; enum = { "native"; "web" }; default = "web" };
-		response_types = { type = "array"; minItems = 1; items = { type = "string"; enum = { "code"; "token" } }; default = { "code" } };
+		response_types = {
+			type = "array";
+			minItems = 1;
+			uniqueItems = true;
+			items = { type = "string"; enum = { "code"; "token" } };
+			default = { "code" };
+		};
 		client_name = { type = "string" };
 		client_uri = { type = "string"; format = "uri"; luaPattern = "^https:" };
 		logo_uri = { type = "string"; format = "uri"; luaPattern = "^https:" };