aboutsummaryrefslogtreecommitdiffstats
path: root/util
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2023-03-16 13:45:49 +0100
committerKim Alvefur <zash@zash.se>2023-03-16 13:45:49 +0100
commit2331fc8b65377e722294b02bcf10d551336e6f6c (patch)
tree0a98e6121314373abb1e4e1bbcaeb1305dc891e7 /util
parent8aecd1981204a28d2ed2754c3d302995722eebcb (diff)
downloadprosody-2331fc8b65377e722294b02bcf10d551336e6f6c.tar.gz
prosody-2331fc8b65377e722294b02bcf10d551336e6f6c.zip
util.sasl.oauthbearer: Adjust parsing of GS2 to allow lack of authzid
Partly copied from util.sasl.scram and then reduced a bit.
Diffstat (limited to 'util')
-rw-r--r--util/sasl/anonymous.lua4
-rw-r--r--util/sasl/oauthbearer.lua5
2 files changed, 5 insertions, 4 deletions
diff --git a/util/sasl/anonymous.lua b/util/sasl/anonymous.lua
index de98a5e2..089f038f 100644
--- a/util/sasl/anonymous.lua
+++ b/util/sasl/anonymous.lua
@@ -33,8 +33,8 @@ local function anonymous(self, message) -- luacheck: ignore 212/message
local username;
repeat
username = generate_random_id():lower();
- until self.profile.anonymous(self, username, self.realm);
- self.username = username;
+ self.username = username;
+ until self.profile.anonymous(self, username, self.realm, message);
return "success"
end
diff --git a/util/sasl/oauthbearer.lua b/util/sasl/oauthbearer.lua
index 490a205f..7cba5f35 100644
--- a/util/sasl/oauthbearer.lua
+++ b/util/sasl/oauthbearer.lua
@@ -11,10 +11,11 @@ local function oauthbearer(self, message)
return "failure", "not-authorized";
end
- local gs2_authzid, kvpairs = message:match("n,a=([^,]+),(.+)$");
- if not gs2_authzid then
+ local gs2_header, kvpairs = message:match("^(n,[^,]*,),(.+)$");
+ if not gs2_header then
return "failure", "malformed-request";
end
+ local gs2_authzid = gs2_header:match("^[^,]*,a=([^,]*),$");
local auth_header;
for k, v in kvpairs:gmatch("([a-zA-Z]+)=([\033-\126 \009\r\n]*)\001") do