Mercurial > prosody-modules
annotate mod_client_management/README.md @ 5305:9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
We decided to keep the unified listing of "clients", which includes both SASL2
clients and OAuth grants, etc. To a user, or someone wanting to manage what
can access their account, they are largely equivalent.
To accomplish this technically, we add a prefix to the id to state what type
it really is.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Wed, 05 Apr 2023 19:42:16 +0100 |
| parents | 385346b6c81d |
| children | 7c123d3285de |
| rev | line source |
|---|---|
|
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 --- |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 labels: |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 - Stage-Beta |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 summary: "Manage clients with access to your account" |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 rockspec: |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 dependencies: |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 - mod_sasl2_fast |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 --- |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 This module allows a user to identify what currently has access to their |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 account. |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 This module depends on [mod_sasl2_fast] and mod_tokenauth (bundled with |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 Prosody). Both will be automatically loaded if this module is loaded. |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 ## Configuration |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 | Name | Description | Default | |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 |---------------------------|--------------------------------------------------------|-----------------| |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 | enforce_client_ids | Only allow SASL2-compatible clients | `false` | |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 When `enforce_client_ids` is not enabled, the client listing may be less accurate due to legacy clients, |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 which can only be tracked by their resource, which is public information, not necessarily unique to a |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 client instance, and is also exposed to other XMPP entities the user communicates with. |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 When `enforce_client_ids` is enabled, clients that don't support SASL2 and provide a client id will be |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 denied access. |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 ## Compatibility |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 Requires Prosody trunk (as of 2023-03-29). Not compatible with Prosody 0.12 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 and earlier. |