Mercurial > prosody-modules
annotate mod_sasl2/README.md @ 5616:59d5fc50f602
mod_http_oauth2: Implement refresh token rotation
Makes refresh tokens one-time-use, handing out a new refresh token with
each access token. Thus if a refresh token is stolen and used by an
attacker, the next time the legitimate client tries to use the previous
refresh token, it will not work and the attack will be noticed. If the
attacker does not use the refresh token, it becomes invalid after the
legitimate client uses it.
This behavior is recommended by draft-ietf-oauth-security-topics
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 23 Jul 2023 02:56:08 +0200 |
| parents | 5b77f4720bfe |
| children | da942a3f3660 |
| rev | line source |
|---|---|
| 4798 | 1 --- |
| 2 labels: | |
|
5089
5b77f4720bfe
mod_sasl2: Update and expand README with more (and updated) information
Matthew Wild <mwild1@gmail.com>
parents:
5064
diff
changeset
|
3 - Stage-Beta |
| 4798 | 4 summary: "XEP-0388: Extensible SASL Profile" |
| 5 --- | |
| 6 | |
|
5089
5b77f4720bfe
mod_sasl2: Update and expand README with more (and updated) information
Matthew Wild <mwild1@gmail.com>
parents:
5064
diff
changeset
|
7 Implementation of [XEP-0388: Extensible SASL Profile]. **Note: At the time of |
|
5b77f4720bfe
mod_sasl2: Update and expand README with more (and updated) information
Matthew Wild <mwild1@gmail.com>
parents:
5064
diff
changeset
|
8 writing (Nov 2022) the version of the XEP implemented by this module is still |
|
5b77f4720bfe
mod_sasl2: Update and expand README with more (and updated) information
Matthew Wild <mwild1@gmail.com>
parents:
5064
diff
changeset
|
9 working its way through the XSF standards process. See [PR #1214](https://github.com/xsf/xeps/pull/1214) |
|
5b77f4720bfe
mod_sasl2: Update and expand README with more (and updated) information
Matthew Wild <mwild1@gmail.com>
parents:
5064
diff
changeset
|
10 for the current status.** |
|
5b77f4720bfe
mod_sasl2: Update and expand README with more (and updated) information
Matthew Wild <mwild1@gmail.com>
parents:
5064
diff
changeset
|
11 |
|
5b77f4720bfe
mod_sasl2: Update and expand README with more (and updated) information
Matthew Wild <mwild1@gmail.com>
parents:
5064
diff
changeset
|
12 ## Configuration |
|
5b77f4720bfe
mod_sasl2: Update and expand README with more (and updated) information
Matthew Wild <mwild1@gmail.com>
parents:
5064
diff
changeset
|
13 |
|
5b77f4720bfe
mod_sasl2: Update and expand README with more (and updated) information
Matthew Wild <mwild1@gmail.com>
parents:
5064
diff
changeset
|
14 This module honours the same configuration options as Prosody's existing |
|
5b77f4720bfe
mod_sasl2: Update and expand README with more (and updated) information
Matthew Wild <mwild1@gmail.com>
parents:
5064
diff
changeset
|
15 [mod_saslauth](https://prosody.im/doc/modules/mod_saslauth). |
|
5064
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
16 |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
17 ## Developers |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
18 |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
19 mod_sasl2 provides some events you can hook to affect aspects of the |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
20 authentication process: |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
21 |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
22 - `advertise-sasl-features` |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
23 - `sasl2/c2s/success` |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
24 - Priority 1000: Session marked as authenticated, success response created (`event.success`) |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
25 - Priority -1000: Success response sent to client |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
26 - Priority -1500: Updated <stream-features/> sent to client |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
27 - `sasl2/c2s/failure` |
|
7d33178c79f2
mod_sasl2: Add some brief dev notes about events to the README
Matthew Wild <mwild1@gmail.com>
parents:
4798
diff
changeset
|
28 - `sasl2/c2s/error` |