annotate mod_auth_oauthbearer/README.markdown @ 5648:c217f4edfc4f

misc/mtail: Start of an mtail config Stashing it here in case anyone wants to continue working on it. Currently it's only counting log messages by level. Due to the permissions set by systemd on Prosody logs, mtail never managed to start correctly until permissions were manually relaxed.
author Kim Alvefur <zash@zash.se>
date Sun, 17 Sep 2023 13:36:30 +0200
parents 1a1affd22f74
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3114
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
1 ---
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
2 labels:
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
3 - 'Type-Auth'
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
4 summary: OAuth authentication
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
5 ...
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
6
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
7 Introduction
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
8 ============
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
9
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
10 This is an authentication module for the SASL OAUTHBEARER mechanism, as provided by `mod_sasl_oauthbearer`.
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
11
3116
1a1affd22f74 mod_auth_oauthbearer: expand intro to mention when/how you'd use this
JC Brand <jc@opkode.com>
parents: 3114
diff changeset
12 You can use this to log in via OAuth, for example if you want your user's to log in with Github, Twitter, Reddit etc.
1a1affd22f74 mod_auth_oauthbearer: expand intro to mention when/how you'd use this
JC Brand <jc@opkode.com>
parents: 3114
diff changeset
13
1a1affd22f74 mod_auth_oauthbearer: expand intro to mention when/how you'd use this
JC Brand <jc@opkode.com>
parents: 3114
diff changeset
14 The XMPP client needs get an OAuth token from the provider (e.g. Github) and send that to Prosody.
1a1affd22f74 mod_auth_oauthbearer: expand intro to mention when/how you'd use this
JC Brand <jc@opkode.com>
parents: 3114
diff changeset
15 This module will then verify that token by calling the `oauth_url` you've configured.
1a1affd22f74 mod_auth_oauthbearer: expand intro to mention when/how you'd use this
JC Brand <jc@opkode.com>
parents: 3114
diff changeset
16
3114
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
17 Configuration
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
18 =============
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
19
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
20 Per VirtualHost, you'll need to supply your OAuth client Id, secret and the URL which
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
21 Prosody must call in order to verify the OAuth token it receives from the XMPP client.
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
22
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
23 For example, for Github:
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
24
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
25 oauth_client_id = "13f8e9cc8928b3409822"
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
26 oauth_client_secret = "983161fd3ah608ea7ef35382668aad1927463978"
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
27 oauth_url = "https://api.github.com/applications/{{oauth_client_id}}/tokens/{{password}}";
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
28
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
29 authentication = "oauthbearer"