Mercurial > prosody-modules
annotate mod_http_roster_admin/README.markdown @ 5404:1087f697c3f3
mod_http_oauth2: Strip unknown extra fields from client registration
We shouldn't sign things we don't understand!
RFC 7591 section-2 states:
> The authorization server MUST ignore any client metadata sent by the
> client that it does not understand (for instance, by silently removing
> unknown metadata from the client's registration record during
> processing).
Prevents grandfathering in of unvalidated data that might become used
later, especially since the 'additionalProperties' schema keyword was
removed in 698fef74ce53
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 02 May 2023 16:23:40 +0200 |
parents | af1b3cef52e1 |
children |
rev | line source |
---|---|
2311 | 1 --- |
2 labels: | |
3 - 'Stage-Beta' | |
4 summary: Delegate roster management to an external service | |
5 ... | |
2161 | 6 |
2312
234d679076c4
Proper markdown syntax
JC Brand <jcbrand@minddistrict.com>
parents:
2311
diff
changeset
|
7 *NOTE: THIS MODULE IS RELEASED UNDER THE MOZILLA PUBLIC LICENSE VERSION 2.* |
2161 | 8 |
9 Normally the XMPP server will store and maintain the users' contact | |
10 rosters. This module lets you delegate roster management to an external | |
11 service. | |
12 | |
13 Prosody will make an HTTP request to fetch the roster from the external | |
14 service. The service will need to notify Prosody whenever a user's roster | |
15 changes, so that Prosody can fetch a new roster for that user. | |
16 | |
2312
234d679076c4
Proper markdown syntax
JC Brand <jcbrand@minddistrict.com>
parents:
2311
diff
changeset
|
17 ## Configuring this module |
2161 | 18 |
19 This module relies on `mod_storage_memory` and `mod_block_subscriptions`. | |
20 | |
21 In `.parts/prosody/etc/prosody/prosody.cfg.lua`, where your particular | |
22 `VirtualHost` is being configured, add the following: | |
23 | |
3007
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
24 ``` lua |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
25 modules_enabled = { |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
26 "http_roster_admin", |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
27 "block_subscriptions", |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
28 "storage_memory", |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
29 "http_files" |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
30 } |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
31 modules_disabled = { |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
32 -- Prosody will get the roster from the backend app, |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
33 -- so we disable the default roster module. |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
34 "roster" |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
35 } |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
36 storage = { roster = "memory" } |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
37 http_roster_url = "http://localhost/contacts/%s" -- %s will be replaced by an URL-encoded username |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
38 ``` |
2161 | 39 |
40 The `http_roster_url` parameter needs to be configured to point to the | |
41 URL in the backend application which returns users' contacts rosters. | |
42 | |
43 In this URL, the pattern `%s` is replaced by an URL-encoded username. | |
44 | |
45 When the user *john* then connects to Prosody, and `http_roster_url` is | |
46 set to “http://app.example.org/contacts/%s”, then Prosody will make a | |
47 GET request to http://app.example.org/contacts/john | |
48 | |
3006
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
49 ## Protocol |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
50 |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
51 ### Fetching rosters (Prosody to web app) |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
52 |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
53 Prosody considers the web application to always hold the most accurate and up-to-date |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
54 version of the user's roster. When a user first connects, Prosody fetches the roster |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
55 from the web application and caches it internally. |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
56 |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
57 Prosody will make a GET request to the URL specified in Prosody's configuration parameter |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
58 'http_roster_url'. In this URL, the pattern '%s' is replaced by an URL-encoded username. |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
59 |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
60 For example, when the user 'john' connects to Prosody, and http_roster_url is set |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
61 to "http://app.example.com/contacts/%s", Prosody will make a GET request to "http://app.example.com/contacts/john". |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
62 |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
63 The web app must return a JSON object, where each key is the JID of a contact, and the corresponding |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
64 value is data about that contact. |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
65 |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
66 If the user 'john' has friends 'marie' and 'michael', the web app would return a HTTP '200 OK' response |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
67 with the following contents: |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
68 |
3007
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
69 ``` json |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
70 { |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
71 "marie@example.com": { |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
72 "name": "Marie" |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
73 }, |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
74 |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
75 "michael@example.com": { |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
76 "name": "Michael" |
3006
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
77 } |
3007
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
78 } |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
79 ``` |
3006
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
80 |
e6f91e00b507
mod_http_roster_admin: Add missing protocol docs
Matthew Wild <mwild1@gmail.com>
parents:
2312
diff
changeset
|
81 ### Notifying Prosody of roster changes |
2161 | 82 |
83 The external service needs to notify Prosody whenever a user's roster | |
84 changes. To do this, it must make an HTTP POST request to either: | |
85 | |
2312
234d679076c4
Proper markdown syntax
JC Brand <jcbrand@minddistrict.com>
parents:
2311
diff
changeset
|
86 - http://localhost:5280/roster_admin/refresh |
234d679076c4
Proper markdown syntax
JC Brand <jcbrand@minddistrict.com>
parents:
2311
diff
changeset
|
87 - https://localhost:5281/roster_admin/refresh |
2161 | 88 |
89 Make sure that the "http_files" module is enabled in Prosody's configuration, | |
90 for the above URLs to served. | |
91 | |
92 Ports 5280/5281 can be firewalled and the web server (i.e. Apache or Nginx) | |
93 can be configured to reverse proxy those URLs to for example | |
94 https://example.org/http-bind. | |
95 | |
96 The contents of the POST should be a JSON encoded array of usernames whose | |
97 rosters have changed. | |
98 | |
99 For example, if user ‘john’ became friends with ‘aaron’, both john’s | |
100 contact list and aaron’s contact lists have changed: | |
101 | |
3007
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
102 ``` json |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
103 ["john", "aaron"] |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
104 ``` |
2161 | 105 |
106 When the operation is complete Prosody will reply with a summary of the | |
107 operation - a JSON object containing: | |
108 | |
2312
234d679076c4
Proper markdown syntax
JC Brand <jcbrand@minddistrict.com>
parents:
2311
diff
changeset
|
109 - **status**: either “ok” (success) or “error” (operation completely failed) |
234d679076c4
Proper markdown syntax
JC Brand <jcbrand@minddistrict.com>
parents:
2311
diff
changeset
|
110 - **message**: A human-readable message (for logging and debugging purposes) |
234d679076c4
Proper markdown syntax
JC Brand <jcbrand@minddistrict.com>
parents:
2311
diff
changeset
|
111 - **updated**: The number of rosters successfully updated |
234d679076c4
Proper markdown syntax
JC Brand <jcbrand@minddistrict.com>
parents:
2311
diff
changeset
|
112 - **errors**: The number of rosters that failed to update |
2161 | 113 |
114 Example: | |
115 | |
3007
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
116 ``` json |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
117 { |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
118 "status": "ok", |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
119 "message": "roster update complete", |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
120 "updated": 2, |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
121 "errors": 0 |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
122 } |
af1b3cef52e1
mod_http_roster_admin: Add syntax highlighting hints
Kim Alvefur <zash@zash.se>
parents:
3006
diff
changeset
|
123 ``` |
2161 | 124 |
125 Prosody may also return status codes `400` or `500` in case of errors (such | |
126 as a missing/malformed body). |