Mercurial > prosody-modules
annotate mod_adhoc_oauth2_client/README.markdown @ 5264:d3ebaef1ea7a
mod_http_oauth2: Correctly verify OAuth client credentials on revocation
Makes no sense to validate against username and password here, or using
a token to revoke another token, or itself?
In fact, upon further discussion, why do you need credentials to revoke
a token? If you are not supposed to have the token, revoking it seems
the most responsible thing to do with it, so it should be allowed, while
if you are supposed to have it, you should be allowed to revoke it.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 21 Mar 2023 21:57:18 +0100 |
| parents | a9c1cc91d3d6 |
| children |
| rev | line source |
|---|---|
|
4264
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 --- |
|
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 labels: |
|
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 - Stage-Alpha |
|
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 summary: 'Create OAuth2 clients via ad-hoc command' |
|
5260
a9c1cc91d3d6
mod_adhoc_oauth2_client: Update to call into mod_http_oauth2
Kim Alvefur <zash@zash.se>
parents:
5253
diff
changeset
|
5 rockspec: |
|
a9c1cc91d3d6
mod_adhoc_oauth2_client: Update to call into mod_http_oauth2
Kim Alvefur <zash@zash.se>
parents:
5253
diff
changeset
|
6 dependencies: |
|
a9c1cc91d3d6
mod_adhoc_oauth2_client: Update to call into mod_http_oauth2
Kim Alvefur <zash@zash.se>
parents:
5253
diff
changeset
|
7 - mod_http_oauth2 |
|
4264
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 ... |
|
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
|
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 Introduction |
|
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 ============ |
|
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 |
|
5260
a9c1cc91d3d6
mod_adhoc_oauth2_client: Update to call into mod_http_oauth2
Kim Alvefur <zash@zash.se>
parents:
5253
diff
changeset
|
13 [Ad-Hoc command][XEP-0050] interface to |
|
a9c1cc91d3d6
mod_adhoc_oauth2_client: Update to call into mod_http_oauth2
Kim Alvefur <zash@zash.se>
parents:
5253
diff
changeset
|
14 [dynamic OAuth2 registration](https://oauth.net/2/dynamic-client-registration/) |
|
a9c1cc91d3d6
mod_adhoc_oauth2_client: Update to call into mod_http_oauth2
Kim Alvefur <zash@zash.se>
parents:
5253
diff
changeset
|
15 provided by [mod_http_oauth2]. |
|
4264
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
|
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 Compatibility |
|
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 ============= |
|
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 |
|
5260
a9c1cc91d3d6
mod_adhoc_oauth2_client: Update to call into mod_http_oauth2
Kim Alvefur <zash@zash.se>
parents:
5253
diff
changeset
|
20 Same as [mod_http_oauth2] |
|
4264
84bdf7e01744
mod_adhoc_oauth2_client: Add stub README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 |