Mercurial > prosody-modules
annotate mod_client_management/README.md @ 5646:d67980d9e12d
mod_http_oauth2: Apply refresh token ttl to refresh token instead of grant
The intent in 59d5fc50f602 was for refresh tokens to extend the lifetime
of the grant, but the refresh token ttl was applied to the grant and
mod_tokenauth does not change it, leading to the grant expiring
regardless of refresh token usage.
This makes grant lifetimes unlimited, which seems to be standard
practice in the wild.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 11 Sep 2023 10:48:31 +0200 |
parents | e9af6abf2b1e |
children |
rev | line source |
---|---|
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 --- |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 labels: |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 - Stage-Beta |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 summary: "Manage clients with access to your account" |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 rockspec: |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 dependencies: |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 - mod_sasl2_fast |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 --- |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 This module allows a user to identify what currently has access to their |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 account. |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 This module depends on [mod_sasl2_fast] and mod_tokenauth (bundled with |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 Prosody). Both will be automatically loaded if this module is loaded. |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 ## Configuration |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 | Name | Description | Default | |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 |---------------------------|--------------------------------------------------------|-----------------| |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 | enforce_client_ids | Only allow SASL2-compatible clients | `false` | |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 When `enforce_client_ids` is not enabled, the client listing may be less accurate due to legacy clients, |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 which can only be tracked by their resource, which is public information, not necessarily unique to a |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 client instance, and is also exposed to other XMPP entities the user communicates with. |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 When `enforce_client_ids` is enabled, clients that don't support SASL2 and provide a client id will be |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 denied access. |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 |
5314
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
29 ## Shell usage |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
30 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
31 You can use this module via the Prosody shell. For example, to list a user's |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
32 clients: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
33 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
34 ```shell |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
35 prosodyctl shell user clients user@example.com |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
36 ``` |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
37 |
5594
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5314
diff
changeset
|
38 To revoke access from particular client: |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5314
diff
changeset
|
39 |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5314
diff
changeset
|
40 ```shell |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5314
diff
changeset
|
41 prosodyctl shell user revoke_client user@example.com grant/xxxxx |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5314
diff
changeset
|
42 ``` |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5314
diff
changeset
|
43 |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 ## Compatibility |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 Requires Prosody trunk (as of 2023-03-29). Not compatible with Prosody 0.12 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 and earlier. |
5314
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
48 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
49 ## Developers |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
50 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
51 ### Protocol |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
52 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
53 #### Listing clients |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
54 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
55 To list clients that have access to the user's account, send the following |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
56 stanza: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
57 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
58 ```xml |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
59 <iq id="p" type="get"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
60 <list xmlns="xmpp:prosody.im/protocol/manage-clients"/> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
61 </iq> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
62 ``` |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
63 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
64 The server will respond with a list of clients: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
65 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
66 ```xml |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
67 <iq id="p" to="mattj-gajim@auth2.superxmpp.com/gajim.UYJKBHKT" type="result" xmlns="jabber:client"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
68 <clients xmlns="xmpp:prosody.im/protocol/manage-clients"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
69 <client connected="true" id="client/zeiP41HLglIu" type="session"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
70 <first-seen>2023-04-06T14:26:08Z</first-seen> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
71 <last-seen>2023-04-06T14:37:25Z</last-seen> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
72 <auth> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
73 <password/> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
74 </auth> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
75 <user-agent> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
76 <software>Gajim</software> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
77 <uri>https://gajim.org/</uri> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
78 <device>Juliet's laptop</device> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
79 </user-agent> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
80 </client> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
81 <client connected="false" id="grant/HjEEr45_LQr" type="access"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
82 <first-seen>2023-03-27T15:16:09Z</first-seen> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
83 <last-seen>2023-03-27T15:37:24Z</last-seen> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
84 <user-agent> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
85 <software>REST client</software> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
86 </user-agent> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
87 </client> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
88 </clients> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
89 </iq> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
90 ``` |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
91 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
92 On the `<client/>` tag most things are self-explanatory. The following attributes |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
93 are defined: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
94 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
95 - 'connected': a boolean that reflects whether this client has an active session |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
96 on the server (i.e. this includes connected and "hibernating" sessions). |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
97 - 'id': an opaque reference for the client, which can be used to revoke access. |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
98 - 'type': either `"session"` if this client is known to have an active or inactive |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
99 client session on the server, or "access" if no session has been established (e.g. |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
100 it may have been granted access to the account, but only used non-XMPP APIs or |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
101 never logged in). |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
102 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
103 The `<first-seen/>` and `<last-seen/>` elements contain timestamps that reflect |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
104 when a client was first granted access to the user's account, and when it most |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
105 recently used that access. For active sessions, it may reflect the current |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
106 time or the time of the last login. |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
107 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
108 The `<user-agent/>` element contains information about the client software. It |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
109 may contain any of three optional child elements, each containing text content: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
110 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
111 - `<software/>` - the name of the software |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
112 - `<uri/>` - a URI/URL for the client, such as a homepage |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
113 - `<device/>` - a human-readable identifier/name for the device where the client |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
114 runs |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
115 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
116 The `<auth/>` element lists the known authentication methods that the client |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
117 has used to gain access to the account. The following elements are defined: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
118 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
119 - `<password/>` - the client has presented a valid password |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
120 - `<grant/>` - the client has a valid authorization grant (e.g. via OAuth) |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
121 - `<fast/>` - the client has active FAST tokens |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
122 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
123 #### Revoking access |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
124 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
125 To revoke a client's access, send a `<revoke/>` element with an 'id' attribute |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
126 containing one of the client ids fetched from the list: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
127 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
128 ```xml |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
129 <iq id="p" type="set"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
130 <revoke xmlns="xmpp:prosody.im/protocol/manage-clients" id="grant/HjEEr45_LQr" /> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
131 </iq> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
132 ``` |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
133 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
134 The server will respond with an empty result if the revocation succeeds: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
135 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
136 ```xml |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
137 <iq id="p" type="result" /> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
138 ``` |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
139 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
140 If the client has previously authenticated with a password, there is no way to |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
141 revoke access except by changing the user's password. If you request |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
142 revocation of such a client, the server will respond with a 'service-unavailable' |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
143 error, with the 'password-reset-required' application error: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
144 |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
145 ```xml |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
146 <iq id="p" type="error"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
147 <error type="cancel"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
148 <service-unavailable xmlns="xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
149 <password-reset-required xmlns="xmpp:prosody.im/protocol/manage-clients"/> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
150 </error> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
151 </iq> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
152 ``` |