mod_http_oauth2: Validate redirect URI depending on application type Per https://openid.net/specs/openid-connect-registration-1_0.html require that web applications use https:// and native applications must use either http://localhost or a custom (non-https) URI. Previous requirement that hostname matches that of client_uri is kept for web applications.

mod_http_oauth2: Fill in some client metadata defaults Explicit > Implicit Maybe we should actually use these for something as well? :) It's is somewhat an open question of how strictly we should enforce things in the client metadata given that it is somewhat extensible. Especially some of these enum fields which have corresponding IANA registries.

mod_http_oauth2: Allow only l10n variants of name in client metadata Since "client_name" seems to be the only human readable non-URI property that makes sense to have localized version of. Therefore it seems excessive to allow arbitrary additionalProperties. We don't make use of localized versions of client_name and URIs yet, but it would be nice to do so.

mod_http_oauth2: Normalize whitespace in client metadata schema Random extra whitespace?

mod_log_ringbuffer: Fix description and examples of level configuration

mod_log_ringbuffer: Fix example config

mod_oidc_userinfo_vcard4: Fix phone number claim Copy-paste mistake probably

mod_oidc_userinfo_vcard4: Unpack <vcard> from PubSub <item> Forgot about the <item>, so it was previously attempting to extract all properties from that instead of the inner <vcard>

mod_http_oauth2: Use new Lua pattern schema properties

mod_http_oauth2: Include additional OpenID scopes in metadata Drops fallback because this module probably doesn't work with Prosody before the role stuff anyway.