mod_http_oauth2: Derive scope from correct user details
Plausible copypaste mistake
--- a/mod_http_oauth2/mod_http_oauth2.lua Fri Mar 03 14:22:05 2023 +0100
+++ b/mod_http_oauth2/mod_http_oauth2.lua Fri Mar 03 18:00:28 2023 +0100
@@ -107,7 +107,8 @@
return oauth_error("invalid_client", "incorrect credentials");
end
- local granted_scopes = filter_scopes(client_owner, client_host, params.scope);
+ local request_username, request_host = jid.split(granted_jid);
+ local granted_scopes = filter_scopes(request_username, request_host, params.scope);
local code = uuid.generate();
local ok = codes:set(params.client_id .. "#" .. code, {