mod_client_management: Fail to revoke clients that have used passwords
Return an error so the caller can take appropriate action, e.g. encouraging
the user to change their password.
--- a/mod_client_management/mod_client_management.lua Wed Apr 05 19:42:16 2023 +0100
+++ b/mod_client_management/mod_client_management.lua Wed Apr 05 19:45:13 2023 +0100
@@ -294,6 +294,9 @@
local ok = tokenauth.revoke_grant(username, status.grant.id);
if not ok then return nil, "internal-server-error"; end
end
+ if status.password then
+ return nil, "password-reset-required";
+ end
return true;
elseif c_type == "grant" then
local grant = tokenauth.get_grant_info(username, c_id);