mod_http_oauth2: Strip unknown client metadata
Per RFC 7591
> The authorization server MUST ignore any client metadata sent by the
> client that it does not understand (for instance, by silently removing
> unknown metadata from the client's registration record during
> processing).
This was previously done but unintentionally removed in 90449babaa48
---
labels:
- 'Stage-Alpha'
summary: Module deprecated, just use mod_smacks
...
Introduction
============
This module is deprecated and superseded by mod_smacks.