--- a/mod_http_oauth2/mod_http_oauth2.lua Tue Apr 25 17:38:36 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua Tue Apr 25 18:09:08 2023 +0200
@@ -640,7 +640,7 @@
};
properties = {
redirect_uris = { type = "array"; minLength = 1; items = { type = "string"; format = "uri" } };
- token_endpoint_auth_method = { type = "string"; enum = { "none"; "client_secret_post"; "client_secret_basic" } };
+ token_endpoint_auth_method = { type = "string"; enum = { "none"; "client_secret_post"; "client_secret_basic"; default = "client_secret_basic" } };
grant_types = {
type = "array";
items = {
@@ -655,8 +655,9 @@
"urn:ietf:params:oauth:grant-type:saml2-bearer";
};
};
+ default = { "authorization_code" };
};
- response_types = { type = "array"; items = { type = "string"; enum = { "code"; "token" } } };
+ response_types = { type = "array"; items = { type = "string"; enum = { "code"; "token" } }; default = { "code" } };
client_name = { type = "string" };
client_uri = { type = "string"; format = "uri"; luaPattern = "^https:" };
logo_uri = { type = "string"; format = "uri"; luaPattern = "^https:" };
@@ -681,6 +682,13 @@
return nil, oauth_error("invalid_request", "Failed schema validation.");
end
+ -- Fill in default values
+ for propname, propspec in pairs(registration_schema.properties) do
+ if client_metadata[propname] == nil and type(propspec) == "table" and propspec.default ~= nil then
+ client_metadata[propname] = propspec.default;
+ end
+ end
+
local client_uri = url.parse(client_metadata.client_uri);
if not client_uri or client_uri.scheme ~= "https" then
return nil, oauth_error("invalid_request", "Missing, invalid or insecure client_uri");