aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthew Wild <mwild1@gmail.com>2023-03-01 13:02:51 +0000
committerMatthew Wild <mwild1@gmail.com>2023-03-01 13:02:51 +0000
commitf3d152eb1bb258c78931a3e4035b0d5fcf6392e1 (patch)
tree0697b7021978f097b3e1a481c3e053ba58656930
parenta58a6d2317ea9ca99a3e580db89303ee8041a7d6 (diff)
downloadprosody-f3d152eb1bb258c78931a3e4035b0d5fcf6392e1.tar.gz
prosody-f3d152eb1bb258c78931a3e4035b0d5fcf6392e1.zip
mod_tokenauth: Add some sanity checking of the new optional parameters
-rw-r--r--plugins/mod_tokenauth.lua4
1 files changed, 4 insertions, 0 deletions
diff --git a/plugins/mod_tokenauth.lua b/plugins/mod_tokenauth.lua
index 5edf51fd..fa8020bc 100644
--- a/plugins/mod_tokenauth.lua
+++ b/plugins/mod_tokenauth.lua
@@ -25,6 +25,10 @@ function create_jid_token(actor_jid, token_jid, token_role, token_ttl, token_dat
return nil, "invalid-host";
end
+ if (token_data and type(token_data) ~= "table") or (token_purpose and type(token_purpose ~= "string")) then
+ return nil, "bad-request";
+ end
+
local token_info = {
owner = actor_jid;
created = os.time();