mod_http_oauth2: Return status 405 for GET to endpoints without GET handler
Endpoints that only do POST have the weird side effect that a GET query
to them return 404, which doesn't quite feel like the right semantics.
--- a/mod_http_oauth2/mod_http_oauth2.lua Sun Apr 30 20:34:36 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua Sun Apr 30 17:04:55 2023 +0200
@@ -918,6 +918,8 @@
-- Some convenient fallback handlers
["GET /register"] = { headers = { content_type = "application/schema+json" }; body = json.encode(registration_schema) };
+ ["GET /token"] = function() return 405; end;
+ ["GET /revoke"] = function() return 405; end;
};
});