mod_http_oauth2: Accept empty scope
Some tool I used couldn't not send a scope, preventing it from working
with mod_http_oauth2. This change should fix that.
--- a/mod_http_oauth2/mod_http_oauth2.lua Fri Oct 23 22:07:06 2020 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua Fri Oct 23 22:23:20 2020 +0200
@@ -32,7 +32,7 @@
local request_jid = assert(params.username, oauth_error("invalid_request", "missing 'username' (JID)"));
local request_password = assert(params.password, oauth_error("invalid_request", "missing 'password'"));
local request_username, request_host, request_resource = jid.prepped_split(request_jid);
- if params.scope then
+ if params.scope and param.scope ~= "" then
return oauth_error("invalid_scope", "unknown scope requested");
end
if not (request_username and request_host) or request_host ~= module.host then