Mercurial > prosody-modules
changeset 5202:b81fd0d22c66
mod_http_oauth2: Calculate client secret expiry in registration response
Not actually the client_secret that expires, but the client_id JWT.
Returning '0' indicating no expiry was incorrect unless JWT expiry is
turned off, which we check for now.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 04 Mar 2023 17:06:47 +0100 |
| parents | 47576c73eedf |
| children | c60cff787d6a |
| files | mod_http_oauth2/mod_http_oauth2.lua |
| diffstat | 1 files changed, 3 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua Sat Mar 04 13:23:26 2023 +0000 +++ b/mod_http_oauth2/mod_http_oauth2.lua Sat Mar 04 17:06:47 2023 +0100 @@ -423,6 +423,9 @@ client_id_issued_at = os.time(); client_secret_expires_at = 0; } + if not registration_options.accept_expired then + client_desc.client_secret_expires_at = client_desc.client_id_issued_at + (registration_options.default_ttl or 3600); + end return { status_code = 201;