Mercurial > prosody-modules
changeset 5278:d94dba396f9f
mod_http_oauth2: Declare additional client registration fields as strings
Previously any property not listed in the schema was allowed in any
form, which is probably a bit too liberal. Instead, limit extra fields
to simple strings, which should still allow localized versions of the
various URIs and descriptive properties per RFC 7591 ยง2.2
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 26 Mar 2023 14:44:30 +0200 |
| parents | a1055024b94e |
| children | 2b858cccac8f |
| files | mod_http_oauth2/mod_http_oauth2.lua |
| diffstat | 1 files changed, 2 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_http_oauth2/mod_http_oauth2.lua Sun Mar 26 14:39:34 2023 +0200 +++ b/mod_http_oauth2/mod_http_oauth2.lua Sun Mar 26 14:44:30 2023 +0200 @@ -620,6 +620,8 @@ software_id = { type = "string"; format = "uuid" }; software_version = { type = "string" }; }; + -- Localized versions of descriptive properties and URIs + additionalProperties = { type = "string" }; } function create_client(client_metadata)