annotate mod_auth_oauthbearer/README.markdown @ 4980:da151f9af861

replaced 'session' with 'origin' in push_disable session is not defined in this function, trying to access it leads to an error. The correct reference seems to be 'origin'. (This may have come about by copying from the similar code in process_stanza_queue.)
author arcseconds
date Sat, 30 Jul 2022 21:07:47 +1200
parents 1a1affd22f74
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3114
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
1 ---
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
2 labels:
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
3 - 'Type-Auth'
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
4 summary: OAuth authentication
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
5 ...
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
6
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
7 Introduction
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
8 ============
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
9
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
10 This is an authentication module for the SASL OAUTHBEARER mechanism, as provided by `mod_sasl_oauthbearer`.
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
11
3116
1a1affd22f74 mod_auth_oauthbearer: expand intro to mention when/how you'd use this
JC Brand <jc@opkode.com>
parents: 3114
diff changeset
12 You can use this to log in via OAuth, for example if you want your user's to log in with Github, Twitter, Reddit etc.
1a1affd22f74 mod_auth_oauthbearer: expand intro to mention when/how you'd use this
JC Brand <jc@opkode.com>
parents: 3114
diff changeset
13
1a1affd22f74 mod_auth_oauthbearer: expand intro to mention when/how you'd use this
JC Brand <jc@opkode.com>
parents: 3114
diff changeset
14 The XMPP client needs get an OAuth token from the provider (e.g. Github) and send that to Prosody.
1a1affd22f74 mod_auth_oauthbearer: expand intro to mention when/how you'd use this
JC Brand <jc@opkode.com>
parents: 3114
diff changeset
15 This module will then verify that token by calling the `oauth_url` you've configured.
1a1affd22f74 mod_auth_oauthbearer: expand intro to mention when/how you'd use this
JC Brand <jc@opkode.com>
parents: 3114
diff changeset
16
3114
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
17 Configuration
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
18 =============
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
19
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
20 Per VirtualHost, you'll need to supply your OAuth client Id, secret and the URL which
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
21 Prosody must call in order to verify the OAuth token it receives from the XMPP client.
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
22
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
23 For example, for Github:
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
24
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
25 oauth_client_id = "13f8e9cc8928b3409822"
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
26 oauth_client_secret = "983161fd3ah608ea7ef35382668aad1927463978"
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
27 oauth_url = "https://api.github.com/applications/{{oauth_client_id}}/tokens/{{password}}";
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
28
73ada978dabc mod_sasl_oauthbearer and mod_auth_oauthbearer
JC Brand <jc@opkode.com>
parents:
diff changeset
29 authentication = "oauthbearer"