aboutsummaryrefslogtreecommitdiffstats
path: root/DEPENDS
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2023-03-16 12:18:23 +0100
committerKim Alvefur <zash@zash.se>2023-03-16 12:18:23 +0100
commit566a991f8499d815314b695cb52959f334bcb9e9 (patch)
tree09b7f104dff8548c555e62e9199633917f789596 /DEPENDS
parent944c25f3522f0ae649b2e9d04729bf2278387744 (diff)
downloadprosody-566a991f8499d815314b695cb52959f334bcb9e9.tar.gz
prosody-566a991f8499d815314b695cb52959f334bcb9e9.zip
util.sasl.oauthbearer: Return username from callback instead using authzid (BC)
RFC 6120 states that > If the initiating entity does not wish to act on behalf of another > entity, it MUST NOT provide an authorization identity. Thus it seems weird to require it here. We can instead expect an username from the token data passed back from the profile. This follows the practice of util.sasl.external where the profile callback returns the selected username, making the authentication module responsible for extracting the username from the token.
Diffstat (limited to 'DEPENDS')
0 files changed, 0 insertions, 0 deletions